Tyrant

Copyright © MegaSecurity

By HBU Team


Informations
Author HBU Team
Family Tyrant
Category Remote Access
Version Tyrant
Language Visual Basic, compressed with UPX
Additional Information
dropped files:
c:\WINDOWS\system32\MSODBC32.EXE    size: 24.576 bytes 
c:\WINDOWS\system32\odbc32ms.dat    size: 4.034 bytes 

port: 51357 TCP

added to registry:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AFD\Parameter "DisableRawSecurity"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Microsoft ODBC Database Linker\Security
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\A
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD\Parameter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Microsoft ODBC Database Linker\Security

tested on Windows XP
December 06, 2004

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.