.: Hzdoor (a) :.

By ?

::actions

I feel lucky I feel lucky (with image)

Additional Details

Coded by: ?
Version: Hzdoor (a)
Coded in: Microsoft Visual C++
Family: Hzdoor (a)
Category: Remote Access

MegaSecurity Notes

dropped files:
c:\Documents and Settings\%user%\Desktop\ccSetMngr.exe  (Exploit.Win32.MS04-045.a)
size: 45,056 bytes 

c:\WINDOWS\system32\ccEvtMngr.exe
size: 139,264 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "nortonsantivirus"
data: C:\WINDOWS\System32\ccEvtMngr.exe 



tested on Windows XP
May 09, 2005

URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at sub7crew@protonmail.com, thank you in advance.