Tyrant
Copyright © MegaSecurity
By HBU Team
Informations
Author | HBU Team |
Family | Tyrant |
Category | Remote Access |
Version | Tyrant |
Language | Visual Basic, compressed with UPX |
Additional Information
dropped files:
c:\WINDOWS\system32\MSODBC32.EXE size: 24.576 bytes
c:\WINDOWS\system32\odbc32ms.dat size: 4.034 bytes
port: 51357 TCP
added to registry:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AFD\Parameter "DisableRawSecurity"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Microsoft ODBC Database Linker\Security
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\A
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD\Parameter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Microsoft ODBC Database Linker\Security
tested on Windows XP
December 06, 2004
If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.