.: Banger (a) :.

By ?

Additional Details

  • Coded by: ?
  • Version: Banger (a)
  • Family: Banger (a)
  • Category: Remote Access

MegaSecurity Notes

dropped file:
c:\WINDOWS\iepngde.dll   (Backdoor.Win32.Webdor.m)
size: 7,168 bytes 

added to registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnPostRedirect"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnZoneCrossing"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft "logurl"
data: uggc/::jbys.erq.pbz.eh:nqqybt.cuc 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft "type"
data: qronax 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft "uniq_id"
data: chqxezc 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft "url"
data: uggc/::jbys.erq.pbz.eh:cvat.cuc 

Attempts to steal Bank information

tested on Windows XP
April 16, 2005

URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at sub7crew@protonmail.com, thank you in advance.