.: Outbreak 0.2.3 (backdoored) :.
Released 17 years, 8 months ago. Dec 2004
By satan_addict
Additional Details
- Coded by: satan_addict
- Version: Outbreak 0.2.3 (backdoored)
- Released date: Dec 2004, 17 years, 8 months ago.
- Family: Outbreak
- Category: Remote Access
MegaSecurity Notes
Client:
- dropped files:
  - c:\WINDOWS\JNR#01.EXE size: 1.456.128 bytes (Backdoor.Win32.Outbreak.023)
  - c:\WINDOWS\JNR$01.EXE size: 89.600 bytes (Backdoor.Win32.Rbot.ea)
  - c:\WINDOWS\system32\win32api.exe size: 89.600 bytes (Backdoor.Win32.Rbot.ea)
- port: 1033 TCP
- added to registry:
  - HKEY_CURRENT_USER\Software\Microsoft\OLE "Win32 API Start" data: win32api.exe
  - HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache "c:\windows\JNR#01.EXE" data: JNR#01
  - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Win32 API Start" data: win32api.exe
  - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices "Win32 API Start" data: win32api.exe

Server:
- dropped file:
  - c:\WINDOWS\Server.exe size: 94.210 bytes
- added to registry:
  - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SERVER\0000\Control
  - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Server\Enum
  - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Server\Security
  - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\l
  - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SERVER\0000\Control
  - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Server\Enum
  - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Server\Security

tested on Windows XP
December 03, 2004