Poltergeist 1.1 (b)
Released 20 years, 11 months ago. October 2003
Copyright © MegaSecurity
By Trainwreck
Informations
| Author | Trainwreck |
| Family | Poltergeist |
| Category | Remote Access |
| Version | Poltergeist 1.1 (b) |
| Released Date | Oct 2003, 20 years, 11 months ago. |
| Language | Visual Basic |
Additional Information
Installer:
size: 402.628 bytes
server:
c:\WINDOWS\NAVscan.exe
size: 20.480 bytes
port: 12001, 12002, 12003, 12004, 12005, 12007, 12008, 12010, 12016, 33156, 55165, 55166 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "ccrs.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Explorer.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "MSDOS"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
registry added:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools"
files added:
c:\WINDOWS\Trainwreck.dll
c:\WINDOWS\server.exe
c:\WINDOWS\NAVscan.exeIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.