Pro Agent 1.2
Released 21 years, 2 months ago. July 2003
Copyright © MegaSecurity
By ATmaCA
Informations
| From | Turkey |
| Author | ATmaCA |
| Family | Pro Agent |
| Category | Information Stealer |
| Version | Pro Agent 1.2 |
| Released Date | Jul 2003, 21 years, 2 months ago. |
| Language | C++ |
Additional Information
Server:
dropped files:
c:\WINDOWS\SYSTEM\dtxservice.exe
c:\WINDOWS\CRSS.EXE
c:\WINDOWS\fps.atm
c:\WINDOWS\fps.exe
c:\WINDOWS\icq.dll
c:\WINDOWS\iss32.exe
c:\WINDOWS\kdd32.atm
c:\WINDOWS\kt.atm
c:\WINDOWS\ktd32.atm
c:\WINDOWS\mps.atm
c:\WINDOWS\mps.exe
c:\WINDOWS\SYSTEM\dtxservice.exe
c:\WINDOWS\SYSTEM\ekran_g.jpg
added to registry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run "DirectX For Microsoft� Windows"
HKEY_LOCAL_MACHINE\Software\Microsoft\Protected Storage System Provider\*Default*\Data 2\Windows "Value"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run "DirectX For Microsoft� Windows"
Author Information / Description
What's new
-----------------------------------
'+' = New feature
'-' = Bug fixed or Removed
'*' = Improved or Changed
-----------------------------------
===================================
Version 1.2
16/7/03
===================================
+ Added support for MS Outlook passwords. (POP3 accounts only)
+ Added support for Eudora passwords.
+ Added support for IncrediMail passwords.
+ Added support for Group Mail Free passwords.
+ Added support for MSN Explorer passwords.
+ Added support for AutoComplete passwords in Internet Explorer
+ Added support for Password-protected sites in Internet Explorer
+ Added property "screenshoot quality" manual
+ Added property "Melt server on install" manual
+ Added property "Upx unpack" manual
+ Added property "Fake error message" manual
+ Added property "Interval(delay) in seconds between data sending retries" manual
- Fix the bug "When server startup,automaticly run outlook express to recovery passwords"
- Fix the bug "Driver_32 error on win9x"
ATmaCAIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.