Scene Archive Deng - Sub7 Legacy

.: Deng :.

Released 19 years, 10 months ago. Oct 2002

By ?

::actions

I feel lucky I feel lucky (with image)

Additional Details

From: China
Coded by: ?
Version: Deng
Released date: Oct 2002, 19 years, 10 months ago.
Coded in: Microsoft Visual C++
Family: Dingdang & Deng
Category: Remote Access

MegaSecurity Notes

dropped file:
c:\WINNT\system32\vmisd.dll    size: 12 bytes 

port: 1074 TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Backdoor.Dengdoor"

added to registry:
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"

tested on win2000

URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at sub7crew@protonmail.com, thank you in advance.