.: Yakoza 3.3 :.
Released 14 years, 4 months ago. Jan 2008By Ali Moazemi
- From: Iran
- Coded by: Ali Moazemi
- Version: Yakoza 3.3
- Released date: Jan 2008, 14 years, 4 months ago.
- Family: Yakoza
- Category: Information Stealer
Server Dropped Files: c:\WINDOWS\config.iss Size: 4 bytes c:\WINDOWS\system\fileme.txt Size: 166 bytes c:\WINDOWS\system\svshoct.exe Size: 135,523 bytes c:\WINDOWS\system32\config.htm Size: 712 bytes c:\WINDOWS\tools\svshost.exe Size: 135,523 bytes Added to Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" Old data: Explorer.exe New data: explorer.exe C:\WINDOWS\system\svshoct.exe Tested on Windows XP January 20, 2008
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at firstname.lastname@example.org, thank you in advance.