by Masoud Azimi
Written in Visual Basic
Released in August 2008
Made in Iran
Server
Dropped Files:
c:\WINDOWS\system32\love.exe Size: 81,920 bytes
c:\WINDOWS\system32\config\he.txt Size: 194 bytes
c:\WINDOWS\system32\config\sysrun.exe Size: 81,920 bytes
Added to Registry::
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Explorer\Run "(Default)"
Data: C:\WINDOWS\system32\config\sysrun.exe -s
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell"
Data: Explorer.exe C:\WINDOWS\system32\love.exe -s
Tested on Windows XP
August 21, 2008
Download:
ليست هناك تعليقات:
إرسال تعليق