Toxic-CV
Released 19 years, 9 months ago. February 2005
Copyright © MegaSecurity
By Toxic_Frog
Informations
Author | Toxic_Frog |
Family | Toxic-CV |
Category | Destructive |
Version | Toxic-CV |
Released Date | Feb 2005, 19 years, 9 months ago. |
Language | Visual Basic |
Additional Information
Server:
dropped file:
c:\WINDOWS\SVCHOST.EXE
size: 10,215 bytes
added to registry:
HKEY_USERS\S-1-5-21-789336058-1957994488-1060284298-1003_Classes\exefile\DefaultIcon "(Default)"
data: %1
HKEY_USERS\S-1-5-21-789336058-1957994488-1060284298-1003_Classes\exefile\Shell\Open\Command "(Default)"
data: C:\WINDOWS\SVCHOST.EXE %1 %*
HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon "(Default)"
data: %1
HKEY_CURRENT_USER\Software\Classes\exefile\Shell\Open\Command "(Default)"
data: C:\WINDOWS\SVCHOST.EXE %1 %*
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\system "DisableRegistryTools"
data: 01, 00, 00, 00
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\system "DisableTaskMgr"
data: 01, 00, 00, 00
HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)"
old data: "%1" %*
new data: C:\WINDOWS\SVCHOST.EXE %1 %*
tested on Windows XP
September 10, 2005
If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.