by Tataye (cracked by ATmaCA)
Successor of Ulysses
Written in Delphi
Released in July 2003
Made in Rumania
Beast Patch By ATmaCA
With this patch you can connect to password protected beast servers without any password.
I test it on V1.92 V2.0 V2.01 beast servers
I've tested it on V1.92,V2.0,V2.01
ATmaCA
Client:
registry keys added:
HKEY_CLASSES_ROOT\.bad
HKEY_CLASSES_ROOT\.bst
HKEY_CLASSES_ROOT\BeastFile
HKEY_CLASSES_ROOT\BeastFile\DefaultIcon
HKEY_CLASSES_ROOT\BeastFile\shell
HKEY_CLASSES_ROOT\BeastFile\shell\open
HKEY_CLASSES_ROOT\BeastFile\shell\open\command
HKEY_CLASSES_ROOT\BeastFile1
HKEY_CLASSES_ROOT\BeastFile1\DefaultIcon
HKEY_CLASSES_ROOT\BeastFile1\shell
HKEY_CLASSES_ROOT\BeastFile1\shell\open
HKEY_CLASSES_ROOT\BeastFile1\shell\open\command
Server:
dropped files:
c:\WINDOWS\SVCHOST.EXE
c:\WINDOWS\COMMAND\msaria.com
c:\WINDOWS\SYSTEM\mspfgf.com
size: 52.224 bytes
port: 6666 TCP
startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "COM Service"
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{44CC0112-AB51-22EF-BA32-20AA12E6115C} "StubPath"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "COM Service"
added:
c:\WINDOWS\COMMAND\msdgqt.com
c:\WINDOWS\SYSTEM\msyrmu.com
c:\WINDOWS\SYSTEM\yrmu.blf
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Control "LoginSessionDisable"
MegaSecurity