.: Beast 2.07 :.
By Tataye
::actions
Additional Details
- Coded by: Tataye
- Version: Beast 2.07
- Family: Beast
- Category: Remote Access
MegaSecurity Notes
Server: dropped files: c:\WINDOWS\COMMAND.PIF size: 967 bytes c:\WINDOWS\svchost.exe size: 30.869 bytes c:\WINDOWS\COMMAND\msroem.com size: 30.869 bytes c:\WINDOWS\SYSTEM\mslg.blf size: 227 bytes c:\WINDOWS\SYSTEM\msludr.com size: 30.869 bytes port: 6666 TCP startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "COM Service" data: C:\WINDOWS\COMMAND\msroem.com HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{42CE4021-DE03-E3CC-EA32-40BB12E6015D} "StubPath" data: C:\WINDOWS\SYSTEM\msludr.com HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "COM Service" data: C:\WINDOWS\COMMAND\msroem.com
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at sub7crew@protonmail.com, thank you in advance.