Remote Time Bomb
Released 20 years, 2 months ago. July 2004
Copyright © MegaSecurity
By Splinter
Informations
| Author | Splinter |
| Family | Remote Time Bomb |
| Category | Remote Access |
| Version | Remote Time Bomb |
| Released Date | Jul 2004, 20 years, 2 months ago. |
| Language | Visual Basic |
Additional Information
Server:
size: 49.292 bytes
folders deleted:
c:\Documents and Settings\All Users\Desktop
c:\Program Files\Accessories
c:\Program Files\Accessories\Imagevue
c:\Program Files\Common Files\Adaptec Shared
c:\Program Files\Common Files\Adaptec Shared\CDEngine
c:\Program Files\Common Files\Adaptec Shared\CreatorAPI
c:\Program Files\Common Files\AVP Shared Files\AVPBASES
port: 781 TCP
added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "blabla"
data: c:\windows\system32\bomb.exe
tested on win2000
on win98:
dropped files:
c:\WINDOWS\SYSTEM\bomb.exe size: 49.292 bytes
c:\WINDOWS\SYSTEM32\bomb.exe size: 49.292 bytes
folders deleted:
c:\Program Files\Common Files\InstallShield
c:\Program Files\Common Files\InstallShield\Driver
c:\Program Files\Common Files\InstallShield\Driver\7
c:\Program Files\Common Files\InstallShield\Driver\7\Intel 32
c:\Program Files\Common Files\InstallShield\Driver\8
c:\Program Files\Common Files\InstallShield\Driver\8\Intel 32
c:\Program Files\Common Files\Microsoft Shared\MSINFO
c:\Program Files\Common Files\Microsoft Shared\TEXTCONV
c:\Program Files\Common Files\SERVICES
c:\Program Files\Common Files\SYSTEM
c:\Program Files\Common Files\SYSTEM\ADO
c:\Program Files\Common Files\SYSTEM\MSADC
c:\Program Files\Common Files\SYSTEM\ole db
port: 781 TCP
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "blabla"
data: c:\windows\system32\bomb.exeIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.