XQ
Released 23 years ago. December 2001
Copyright © MegaSecurity
By ?
Informations
| From | China |
| Author | ? |
| Family | XQ |
| Category | Remote Access |
| Version | XQ |
| Released Date | Dec 2001, 23 years ago. |
| Language | Visual Basic |
Additional Information
Server:
dropped files:
c:\WINDOWS\SYSTEM\Rundll16.exe
c:\WINDOWS\SYSTEM\WININI.EXE
C:\WINDOWS\SYSTEM\MSDLL.EXE
size: 163.840 bytes
port: 1002, 1902, 2001, 5902 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "RUNDLL32"
HKEY_CLASSES_ROOT\chm.file\shell\open\command "(Default)"
HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)"
HKEY_CLASSES_ROOT\scrfile\shell\open\command "(Default)"
HKEY_CLASSES_ROOT\txtfile\shell\open\command "(Default)"If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.