Barbarian
Released 18 years, 2 months ago. October 2006
Copyright © MegaSecurity
By ?
Informations
Author | ? |
Family | Barbarian |
Category | Remote Access |
Version | Barbarian |
Released Date | Oct 2006, 18 years, 2 months ago. |
Language | Visual Baic |
Additional Information
Server:
dropped files:
c:\WINDOWS\system\Harry.exe Size: 19,995 bytes
c:\WINDOWS\Magic.exe Size: 19,995 bytes
c:\WINDOWS\msmdm.exe Size: 159,295 bytes
c:\WINDOWS\porter.exe Size: 19,995 bytes
port: 584 TCP
added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Harry"
data: C:\WINDOWS\system\Harry.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Magic"
data: C:\WINDOWS\Magic.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "msmdm"
data: C:\WINDOWS\msmdm.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "porter"
data: C:\WINDOWS\porter.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\system "DisableRegistryTools"
data: 01, 00, 00, 00
attempts to connect to an IRC Server
tested on Windows XP
October 21, 2006
If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.