GrayPigeon (a)
Released 23 years, 3 months ago. August 2002
Copyright © MegaSecurity
By ?
Informations
| From | China |
| Author | ? |
| Family | GrayPigeon |
| Category | Remote Access |
| Version | GrayPigeon (a) |
| Released Date | Aug 2002, 23 years, 3 months ago. |
Additional Information
Win98:
Server:
dropped files:
c:\WINDOWS\Notepod.exe
c:\WINDOWS\SYSTEM\kernel32.exe
size: 291.469 bytes
port: 8080 TCP
startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "LoadWindowsFile"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "LoadWindowsFile"
HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)"
HKEY_CLASSES_ROOT\txtfile\shell\open\command "(Default)"
Win2000:
servers:
c:\WINNT\Notepod.exe
c:\WINNT\system32\Kernel32.exe
size: 291.469 bytes
port: 8080 TCP
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices "LoadWindowsFile"
HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)"
HKEY_CLASSES_ROOT\txtfile\shell\open\command "(Default)"If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.