Remote Revise 1.72(updated)
Copyright © MegaSecurity
By W@SyL
Informations
| From | Poland |
| Author | W@SyL |
| Family | Remote Revise |
| Category | Remote Access |
| Version | Remote Revise 1.72(updated) |
| Language | Delphi, client is compressed with UPX |
Additional Information
Server:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "SysTray32"
C:\WINDOWS\SYSTEM\systray32c.exe
size: 588.800 bytes
port: 4545 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "SysTray32"
added:
c:\WINDOWS\SYSTEM\serv.exe
c:\WINDOWS\SYSTEM\sscfg.dat
c:\WINDOWS\SYSTEM\sscontact.dat
c:\WINDOWS\SYSTEM\ssmsg.dat
c:\WINDOWS\SYSTEM\sspodpis.dat
c:\WINDOWS\SYSTEM\ssprofile.dat
c:\WINDOWS\SYSTEM\SYSTRAY32C.EXEIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.