Remote Revise 1.72(updated)
Copyright © MegaSecurity
By W@SyL
Informations
From | Poland |
Author | W@SyL |
Family | Remote Revise |
Category | Remote Access |
Version | Remote Revise 1.72(updated) |
Language | Delphi, client is compressed with UPX |
Additional Information
Server:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "SysTray32"
C:\WINDOWS\SYSTEM\systray32c.exe
size: 588.800 bytes
port: 4545 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "SysTray32"
added:
c:\WINDOWS\SYSTEM\serv.exe
c:\WINDOWS\SYSTEM\sscfg.dat
c:\WINDOWS\SYSTEM\sscontact.dat
c:\WINDOWS\SYSTEM\ssmsg.dat
c:\WINDOWS\SYSTEM\sspodpis.dat
c:\WINDOWS\SYSTEM\ssprofile.dat
c:\WINDOWS\SYSTEM\SYSTRAY32C.EXE
If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.