.: Cult (b) :.
- Coded by: ?
- Version: Cult (b)
- Coded in: Visual C++, packed with FSG
- Family: Cult
- Category: Remote Access
Dropped file: c:\WINNT\system32\winupdate.exe size: 13.040 bytes startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Microsoft auto update" data: winupdate.exe does (try to) connect to an IRC server tested on win2000
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at email@example.com, thank you in advance.