.: BlueFire 0.36 :.

By vinsa

::actions

I feel lucky I feel lucky (with image)

Additional Details

Coded by: vinsa
Version: BlueFire 0.36
Family: BlueFire
Category: Remote Acces

MegaSecurity Notes

Server:
dropped file:
C:\windows\system\tasksvc.exe

size: 580 KB

port: 19191 TCP

startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run	 
HKCR\txtfile\shell\open\command

Author Words

Chinese Trojan.
Server can be accessed by Telnet, sterm, cterm, Zmud, Ftp, IE, Netscape, Opera, Flashget, Cuteftp... 
Type "help" for commands.

URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at sub7crew@protonmail.com, thank you in advance.