Sharkan
Copyright © MegaSecurity
By DFG 2002
Informations
| Author | DFG 2002 |
| Family | Sharkan |
| Category | Remote Access |
| Version | Sharkan |
| Language | Delphi, packed / encrypted with tElock |
Additional Information
Server:
dropped files:
c:\WINDOWS\SYSTEM\DirectX3D.exe Size: 199.168 bytes
c:\WINDOWS\SYSTEM\msgsrv16.exe Size: 199.168 bytes
port: 12340 TCP
startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "DirectX 3D Service"
data: DirectX3D.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "server.EXE"
data: server.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "MSGSRV16.EXE"
data: MSGSRV16.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Service386Shell"
data: msgsrv16.exe
tested on Windows 98
March 17, 2006If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.