Tokkun2

Released 20 years, 6 months ago. May 2004

By Ontarget

Informations

From	Colombia
Author	Ontarget
Family	Tokkun2
Category	Remote Access
Version	Tokkun2
Released Date	May 2004, 20 years, 6 months ago.

Additional Information

dropped files:
c:\WINNT\system32\ntosrnl.exe    size: 448.000 bytes 
c:\WINNT\system32\tokkun2.exe    size: 24.576 bytes 
c:\WINNT\system32\tokkun2.swf    size: 41.413 bytes 
c:\WINNT\system32\VNCHooks.dll   size: 60.928 bytes
 
port: 5800, 5900 TCP

added to registry:
HKEY_CURRENT_USER\Software\ORL\VNCHooks\Application_Prefs\ntosrnl.exe
HKEY_CURRENT_USER\Software\ORL\VNCHooks\Application_Prefs\tokkun2.exe
HKEY_CURRENT_USER\Software\ORL\WinVNC3
HKEY_LOCAL_MACHINE\SOFTWARE\ORL\WinVNC3\Default

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "DVDUpgrd"
data: C:\WINDOWS\system32\ntosrnl.exe 

tested on win2000