Falling Star 1.31
Copyright © MegaSecurity
By Xiao5
Information
| From | China | 
| Author | Xiao5 | 
| Family | Falling Star | 
| Category | Remote Access | 
| Version | Falling Star 1.31 | 
| Language | Visual Basic, compressed with ASPack | 
Additional Information
Dropped Files:
c:\WINDOWS\system32\Exp1orer.exe    size: 65,024 bytes 
c:\WINDOWS\system32\Internet.exe    size: 65,024 bytes 
c:\WINDOWS\system32\N0TEPAD.exe     size: 65,024 bytes 
c:\WINDOWS\system32\SystemTray.exe  size: 65,024 bytes 
c:\WINDOWS\system32\W1dap32.dll     size: 109,248 bytes 
port: 7744 TCP
added to registry:
HKEY_CLASSES_ROOT\CLSID\{248DD896-BB45-11CF-9ABC-0080C7E7B78D}
HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)"
old data: "%1" %* 
new data: "C:\WINDOWS\System32\Exp1orer.exe" %1 %* 
HKEY_CLASSES_ROOT\txtfile\shell\open\command "(Default)"
old data: %SystemRoot%\system32\NOTEPAD.EXE %1 
new data: "C:\WINDOWS\System32\N0TEPAD.exe" %1 
tested on Windows XP
March 23, 2005