URB Agentr
Released 19 years, 7 months ago. February 2005
Copyright © MegaSecurity
By unreachableboy
Informations
| From | Turkey |
| Author | unreachableboy |
| Family | URB Agentr |
| Category | Remote Access |
| Version | URB Agentr |
| Released Date | Feb 2005, 19 years, 7 months ago. |
| Language | Delphi |
Additional Information
Server:
dropped file:
c:\WINDOWS\system32\df.bat Size: 310 bytes
c:\WINDOWS\system32\directx32.exe Size: 509,665 bytes
c:\WINDOWS\system32\dxdlg.dat Size: 3,779 bytes
c:\WINDOWS\system32\dxdlg.dll Size: 96,768 bytes
c:\WINDOWS\system32\dxdlg.txt Size: 3,779 bytes
c:\WINDOWS\system32\ka_keyg.dat Size: 0 bytes
c:\WINDOWS\system32\kurtmailpv.exe Size: 43,008 bytes
c:\WINDOWS\system32\kurtmailpv.txt Size: 0 bytes
c:\WINDOWS\system32\kurtmspass.exe Size: 43,008 bytes
c:\WINDOWS\system32\kurtmspass.txt Size: 0 bytes
c:\WINDOWS\system32\kurtnetpass.exe Size: 39,424 bytes
c:\WINDOWS\system32\kurtnetpass.txt Size: 0 bytes
c:\WINDOWS\system32\kurtpspv.exe Size: 31,744 bytes
c:\WINDOWS\system32\kurtpspv.txt Size: 256 bytes
port: 28432 TCP
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "DirectX Plugin"
data: C:\WINDOWS\System32\directx32.exe
deleted:
c:\WINDOWS\system32\Restore\MachineGuid.txt
tested on Windows XP
March 26, 2006If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.