.: Black Gibbons 1.24 :.
- Coded by: ?
- Version: Black Gibbons 1.24
- Coded in: Delphi, compressed with UPX
- Family: Black Gibbons 1.24
- Category: Remote Access
Dropped file: c:\WINDOWS\scanregw.exe size: 161,280 bytes port: 113 TCP startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "ScanRegistry" data: c:\windows\scanregw.exe /autorun attempts to connect to an IRC Server located in Israel tested on Windows XP December 24, 2005
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at firstname.lastname@example.org, thank you in advance.