Recub
Released 20 years, 8 months ago. January 2004
Copyright © MegaSecurity
By Hirosh
Informations
| Author | Hirosh |
| Family | Recub |
| Category | Remote Access |
| Version | Recub |
| Released Date | Jan 2004, 20 years, 8 months ago. |
Additional Information
Server:
size: 5.520 bytes
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{H9I12RB03-AB-B70-7-11d2-9CBD-0O00FS7AH6-9E2121BHJLK} "StubPath"
registry added:
HKEY_CURRENT_USER\Software\Microsoft\Cryptography\UserKeys\*Default*
HKEY_LOCAL_MACHINE\Software\Microsoft\Protected Storage System Provider\*Default*\Data\4d1fa410-6fd9-11d0-8c58-00c04fd9126b\4d1fa412-6fd9-11d0-8c58-00c04fd9126b
Author Information / Description
RECUB Features.
1 RC4 Encripted Reverce connect Shell for XP,2k,2003.
2 Bypass Firewalls by starting new instance of Internet explorer and injecting code
3 Activate throw Encrypted ICMP request
5 No listning ports
6 No Process visible,injects into Explorer.exe on startup and exiting
6 Activex startup
7 Empty All Event Logs After exiting the shell.
8 We can use Netcat also for remote shell.
9 EXE size only 5.39 KB
HiroshIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.