PvtBeast
Copyright © MegaSecurity
By ?
Informations
| Author | ? |
| Family | PvtBeast |
| Category | Remote Access |
| Version | PvtBeast |
| Language | Delphi, compressed with UPX |
Additional Information
dropped files:
c:\WINDOWS\system32\reg heale.exe size: 53.248 bytes
c:\WINDOWS\system32\Com\mscrs.com size: 53.248 bytes
c:\WINDOWS\system32\wbem\mswb.com size: 53.248 bytes
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{55AA0432-BB51-31EF-A1FA-11AE12E6115C} "StubPath"
data: C:\WINDOWS\System32\wbem\mswb.com
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run "COM Service"
data: C:\WINDOWS\System32\COM\mscrs.com
tested on Windows XP
December 13, 2004If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.