Titanium 1.2.2a

Released 20 years, 3 months ago. August 2004

Copyright © MegaSecurity

By The Neptic


Informations
From Russia
Author The Neptic
Family Titanium
Category Remote Access
Version Titanium 1.2.2a
Released Date Aug 2004, 20 years, 3 months ago.
Language Delphi, compressed with UPX
Additional Information
Server: 
dropped files:
c:\WINNT\leass.exe             Size: 273 920 bytes 
c:\WINNT\system\s32event.dll   Size: 10 240 bytes 
c:\WINNT\system32\msscan.exe   Size: 273 920 bytes 
c:\WINNT\system32\notes.txt    Size: 273 920 bytes 
c:\WINNT\system32\swchost.exe  Size: 273 920 bytes 

port: 57 TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell"
old data: Explorer.exe 
new data: Explorer.exe leass.exe 

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "run"
data: C:\WINNT\system32\msscan.exe 
	
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Laas"
data: C:\WINNT\leass.exe 
	
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "M$Two"
data: C:\WINNT\system32\msscan.exe 



tested on Win2000
February 14, 2005

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.