Reload (j)
Copyright © MegaSecurity
By Wspomagacz
Information

| Field | Value |
|---|---|
| From | Poland |
| Author | Wspomagacz |
| Family | Reload |
| Category | Remote Access |
| Version | Reload (j) |
| Language | Delphi, compressed with UPX |

Additional Information
dropped files:
c:\WINDOWS\svchost32.exe Size: 383,652 bytes
c:\WINDOWS\svchost32.exe.wsu Size: 576 bytes
port: 60007, 60008 TCP
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Userinit"
old data: C:\WINDOWS\system32\userinit.exe,
new data: C:\WINDOWS\svchost32.exe,C:\WINDOWS\system32\userinit.exe,
tested on Windows XP
March 10, 2006