Remote Revise 1.72(updated)

Copyright © MegaSecurity

By W@SyL


Informations
From Poland
Author W@SyL
Family Remote Revise
Category Remote Access
Version Remote Revise 1.72(updated)
Language Delphi, client is compressed with UPX
Additional Information
Server:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "SysTray32" 

C:\WINDOWS\SYSTEM\systray32c.exe 

size: 588.800 bytes

port: 4545 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "SysTray32" 

added:
c:\WINDOWS\SYSTEM\serv.exe 
c:\WINDOWS\SYSTEM\sscfg.dat 
c:\WINDOWS\SYSTEM\sscontact.dat 
c:\WINDOWS\SYSTEM\ssmsg.dat 
c:\WINDOWS\SYSTEM\sspodpis.dat 
c:\WINDOWS\SYSTEM\ssprofile.dat 
c:\WINDOWS\SYSTEM\SYSTRAY32C.EXE

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.