BadrSocket 3.7
Released 18 years, 11 months ago. November 2006
Copyright © MegaSecurity
By B@dr007
Informations
| From | France |
| Author | B@dr007 |
| Family | BadrSocket |
| Category | Remote Access |
| Version | BadrSocket 3.7 |
| Released Date | Nov 2006, 18 years, 11 months ago. |
Additional Information
Server:
dropped files:
c:\system.exe Size: 30,403 bytes
c:\Documents and Settings\%user%\Local Settings\Temp\IXP001.TMP\loost.EXE Size: 112,640 bytes
c:\Documents and Settings\%user%\Local Settings\Temp\IXP001.TMP\vook.exe Size: 30,403 bytes
port: 3500 TCP
added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce "wextract_cleanup1"
data: rundll32.exe C:\WINDOWS\System32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\%user%\LOCALS~1\Temp\IXP001.TMP\"
tested on Windows XP
December 20, 2006If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.