Sood

Copyright © MegaSecurity

By ?


Information
Author: ?
Family: Sood
Category: Remote Access
Version: Sood
Language: Delphi
Additional Information
Backdoor.Win32.Sood:
dropped files:
c:\WINDOWS\SYSTEM\loadnbs.exe (size: 411 KB)
c:\WINDOWS\REGEDIT.EXE 
c:\WINDOWS\SCANREGW.EXE 
c:\WINDOWS\WELCOME.EXE 
c:\WINDOWS\SYSTEM\INTERNAT.EXE 
c:\WINDOWS\netwatch.exe 
c:\WINDOWS\regedit.ock 
c:\WINDOWS\scanregw.ock 
c:\WINDOWS\welcome.ock 
c:\WINDOWS\SYSTEM\internat.ock 

added to registry:
HKCR\exefile\shell\open\command "(Default)" 

HKEY_CLASSES_ROOT\ockfile\Shellex\{86F19A00-42A0-1069-A2E9-08002B30309D} 
HKEY_CLASSES_ROOT\ockfile\Shellex\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
