Telnet Backdoor 1.4

Released 20 years, 3 months ago. August 2004

Copyright © MegaSecurity

By heroin


Informations
Author heroin
Family Telnet Server
Category Remote Access
Version Telnet Backdoor 1.4
Released Date Aug 2004, 20 years, 3 months ago.
Additional Information
dropped file:
c:\WINDOWS\system32\svchost.exe 
size: 67.584 bytes 
 
port: 1023 TCP

added to registry:
HKEY_CLASSES_ROOT\.exe 
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WMI-CLIENT\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\svchost
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WMI-Client\Enum
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WMI-Client\Security
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WMI-CLIENT\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\svchost
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WMI-Client\Enum
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WMI-Client\Security

tested on Windows XP

Author Information / Description
heroin

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.