R0xr4t 1.0

Copyright © MegaSecurity

By c400s


Informations
From Brazil
Author c400s
Family R0xr4t
Category Remote Access
Version R0xr4t 1.0
Language Delphi
Additional Information
Server:
C:\WINDOWS\RUNDLL666.EXE 
C:\WINDOWS\SYSTEM\RUNVXD32.EXE 

size: 602.624 bytes

port: 5050, 60551, 60552 TCP

startup:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run "Run DLL 666" 
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices "Run DLL 666" 
HKCR\txtfile\shell\open\command "(Default)" 
c:\windows\system.ini, [boot] "shell" 
c:\windows\win.ini, [windows] "run"

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.