Titanium 1.2.2a
Released 20 years, 3 months ago. August 2004
Copyright © MegaSecurity
By The Neptic
Informations
From | Russia |
Author | The Neptic |
Family | Titanium |
Category | Remote Access |
Version | Titanium 1.2.2a |
Released Date | Aug 2004, 20 years, 3 months ago. |
Language | Delphi, compressed with UPX |
Additional Information
Server:
dropped files:
c:\WINNT\leass.exe Size: 273 920 bytes
c:\WINNT\system\s32event.dll Size: 10 240 bytes
c:\WINNT\system32\msscan.exe Size: 273 920 bytes
c:\WINNT\system32\notes.txt Size: 273 920 bytes
c:\WINNT\system32\swchost.exe Size: 273 920 bytes
port: 57 TCP
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell"
old data: Explorer.exe
new data: Explorer.exe leass.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "run"
data: C:\WINNT\system32\msscan.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Laas"
data: C:\WINNT\leass.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "M$Two"
data: C:\WINNT\system32\msscan.exe
tested on Win2000
February 14, 2005
If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.