Titanium 1.2.2a
Released 20 years, 3 months ago. August 2004
Copyright © MegaSecurity
By The Neptic
Informations
| From | Russia |
| Author | The Neptic |
| Family | Titanium |
| Category | Remote Access |
| Version | Titanium 1.2.2a |
| Released Date | Aug 2004, 20 years, 3 months ago. |
| Language | Delphi, compressed with UPX |
Additional Information
Server:
dropped files:
c:\WINNT\leass.exe Size: 273 920 bytes
c:\WINNT\system\s32event.dll Size: 10 240 bytes
c:\WINNT\system32\msscan.exe Size: 273 920 bytes
c:\WINNT\system32\notes.txt Size: 273 920 bytes
c:\WINNT\system32\swchost.exe Size: 273 920 bytes
port: 57 TCP
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell"
old data: Explorer.exe
new data: Explorer.exe leass.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "run"
data: C:\WINNT\system32\msscan.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Laas"
data: C:\WINNT\leass.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "M$Two"
data: C:\WINNT\system32\msscan.exe
tested on Win2000
February 14, 2005If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.