Scene Archive TJ2 - Sub7 Legacy

.: TJ2 :.

Released 17 years ago. May 2005

By ?

::actions

I feel lucky I feel lucky (with image)

Additional Details

From: China
Coded by: ?
Version: TJ2
Released date: May 2005, 17 years ago.
Coded in: Visual Basic, compressed with UPX
Family: TJ2
Category: Information Stealer

MegaSecurity Notes

Server:
dropped files:
c:\WINNT\system32\tj_pp.dll    Size: 24,576 bytes 
c:\WINNT\system32\tjppdd.exe   Size: 45,056 byte

added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "tjpp"
data: tjppdd.exe tjpp %s\tj_pp.dll DLL %s\tjppdd.exe hkOnlyOne kernel32.dll RegisterServiceProcess tj_pp.dll InstallHook P ? ???????? 



tested on Windows 2000
September 05, 2005

URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at sub7crew@protonmail.com, thank you in advance.