XHX 1.60
Released 24 years, 10 months ago. January 2000
Copyright © MegaSecurity
By Mines the Sun
Informations
| From | China |
| Author | Mines the Sun |
| Family | XHX |
| Category | Remote Access |
| Version | XHX 1.60 |
| Released Date | Jan 2000, 24 years, 10 months ago. |
Additional Information
Client:
port: 10000, 20000 TCP
10000 UDP
Server:
dropped files:
C:\WINDOWS\SYSTEM\Internet.exe
C:\WINDOWS\SYSTEM\uaiia.exe
C:\WINDOWS\Explore.exe
C:\WINDOWS\RegEdit.exe (only with 141 KB server)
original C:\WINDOWS\RegEdit.exe is replaced
C:\WINDOWS\WINHLP32.EXE
original C:\WINDOWS\WINHLP32.EXE is replaced
size: 121 KB
or 141 KB
port: 7648, 3215 TCP
3215 UDP
startup:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HKCR\txtfile\shell\open\command
c:\windows\win.ini "run"If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.