.: IMP-PS 1.0 :.
Released 15 years, 6 months ago. Jul 2006
By Mahdi Hezavehi::actions
Additional Details
- Coded by: Mahdi Hezavehi
- Version: IMP-PS 1.0
- Released date: Jul 2006, 15 years, 6 months ago.
- Coded in: Delphi
- Family: IMP-PS 1.0
- Category: Information Stealer
MegaSecurity Notes
Server: dropped files: c:\WINDOWS\smlogitech.vbs size: 179 bytes deleted file: c:\WINDOWS\system32\Restore\MachineGuid.txt added to registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Explorer32" data: C:\WINDOWS\xplorer.exe HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DLLCACH\0000\Control HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DllCach HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\C HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DLLCACH\0000\Control HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DllCach tested on Windows XP July 04, 2006
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at sub7crew@protonmail.com, thank you in advance.