.: Titanium 1.2.2a :.
Released 17 years, 2 months ago. Aug 2004By The Neptic
- From: Russia
- Coded by: The Neptic
- Version: Titanium 1.2.2a
- Released date: Aug 2004, 17 years, 2 months ago.
- Coded in: Delphi, compressed with UPX
- Family: Titanium
- Category: Remote Access
Server: dropped files: c:\WINNT\leass.exe Size: 273 920 bytes c:\WINNT\system\s32event.dll Size: 10 240 bytes c:\WINNT\system32\msscan.exe Size: 273 920 bytes c:\WINNT\system32\notes.txt Size: 273 920 bytes c:\WINNT\system32\swchost.exe Size: 273 920 bytes port: 57 TCP startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" old data: Explorer.exe new data: Explorer.exe leass.exe HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "run" data: C:\WINNT\system32\msscan.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Laas" data: C:\WINNT\leass.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "M$Two" data: C:\WINNT\system32\msscan.exe tested on Win2000 February 14, 2005
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at firstname.lastname@example.org, thank you in advance.