Petala

Copyright © MegaSecurity


Information
From: Brazil
Family: Petala
Category: Remote Access
Version: Petala
Language: Visual Basic
Additional Information
Servers:
c:\WINDOWS\windata.exe 
c:\WINDOWS\SYSTEM\msjis.exe 

size: 331.776 bytes 

port: 113 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Microsoft Network Control" 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Microsoft Network Registry Control" 

added:
c:\WINDOWS\regbck.sys 
c:\WINDOWS\windata.exe 
c:\WINDOWS\SYSTEM\msjis.exe 

The backdoor can be controlled using an IRC bot.

Author Information / Description
Internal Name: nav2004
