RBackdoor (a)
Copyright © MegaSecurity
By RedKod Team
Informations
| Author | RedKod Team |
| Family | RBackdoor |
| Category | Remote Access |
| Version | RBackdoor (a) |
Additional Information
dropped file:
c:\WINDOWS\svchost.exe
size: 55,784 bytes
port: 7531 TCP
startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "MSkernel32"
data: C:\WINDOWS\svchost.exe 7531
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "MSkernel32"
data: C:\WINDOWS\svchost.exe 7531
tested on Windows XP
February 09, 2006If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.