QQ Spy
Released 21 years, 3 months ago. August 2003
Copyright © MegaSecurity
By ?
Informations
| From | China |
| Author | ? |
| Family | QQ Spy |
| Category | Information Stealer |
| Version | QQ Spy |
| Released Date | Aug 2003, 21 years, 3 months ago. |
Additional Information
Server:
dropped files:
c:\Config.Msi\IytSQ.exe size: 19.456 bytes
c:\Config.Msi\nFwmlI.exe size: 19.456 bytes
c:\Config.Msi\wmlIyt.exe size: 19.456 bytes
c:\Documents and Settings\dObdsfpo.exe size: 19.456 bytes
c:\Documents and Settings\erQSt.exe size: 19.456 bytes
c:\Documents and Settings\HaEqnF.exe size: 19.456 bytes
c:\Documents and Settings\mlIytS.exe size: 19.456 bytes
c:\Program Files\dObdsfpo.exe size: 19.456 bytes
c:\Program Files\EqnFwm.exe size: 19.456 bytes
c:\Program Files\fpocbvg.exe size: 19.456 bytes
c:\Program Files\gHaEqn.exe size: 19.456 bytes
c:\WINNT\aEqnFw.exe size: 19.456 bytes
c:\WINNT\bdsfpoc.exe size: 19.456 bytes
c:\WINNT\FwmlIy.exe size: 19.456 bytes
c:\WINNT\wmlIyt.exe size: 19.456 bytes
c:\WUTemp\bdsfpoc.exe size: 19.456 bytes
c:\WUTemp\cbvgHaE.exe size: 19.456 bytes
c:\WUTemp\dsfpocb.exe size: 19.456 bytes
c:\WUTemp\tSQre.exe size: 19.456 bytes
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "explorer"
HKEY_CLASSES_ROOT\chm.file\shell\open\command "(Default)"
HKEY_CLASSES_ROOT\txtfile\shell\open\command "(Default)"If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.