Rainb0w

Released 19 years, 11 months ago. July 2005

By Guerrer0

Informations

From	Spain
Author	Guerrer0
Family	Rainb0w
Category	Remote Access
Version	Rainb0w
Released Date	Jul 2005, 19 years, 11 months ago.
Language	Visual Basic

Additional Information

Server:
dropped file:
c:\WINDOWS\server\Server.exe
size: 32,768 bytes 

port: 6996 TCP

startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "server.exe"
data: c:\windows\server\server.exe 

HKEY_CURRENT_USER\Software\WinRAR SFX "C%%WINDOWS"
data: C:\WINDOWS 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "server.exe"
data: c:\windows\server\server.exe 




tested on Windows XP
July 03, 2005