Beast 2.05
(Backdoor.Win32.Beastdoor.205)

by Tataye

Written in Delphi

Released in December 2003

Made in Rumania

more versions


What's new:

 - LANBypass feature (reverse connection)
 - plugin system
 - speeded up the transfers (recoded from scratch)
 - DialUp passwords support
 - better multithreading 
 - statistics window
 - multilanguage help
 - many improvements: Screen Manager, KeyLogger, FileManager etc.
 - fixes: 9x crashes (with email notification), webcam etc.

Important:

 - on a machine is allowed only 1 beast server, doesn't matter what version
 - you can't update the older servers (2.02, 2.01) from Beast 2.05 client
 
Tataye   


Client:
registry keys added:
HKEY_CLASSES_ROOT\.bad 
HKEY_CLASSES_ROOT\.bst 
HKEY_CLASSES_ROOT\BeastFile 
HKEY_CLASSES_ROOT\BeastFile\DefaultIcon 
HKEY_CLASSES_ROOT\BeastFile\shell 
HKEY_CLASSES_ROOT\BeastFile\shell\open 
HKEY_CLASSES_ROOT\BeastFile\shell\open\command 
HKEY_CLASSES_ROOT\BeastFile1 
HKEY_CLASSES_ROOT\BeastFile1\DefaultIcon 
HKEY_CLASSES_ROOT\BeastFile1\shell 
HKEY_CLASSES_ROOT\BeastFile1\shell\open 
HKEY_CLASSES_ROOT\BeastFile1\shell\open\command 



Server:
dropped files:
c:\WINDOWS\svchost.exe 
c:\WINDOWS\COMMAND\msunwc.com 
c:\WINDOWS\SYSTEM\msgkwu.com 

size: 28.755 bytes 

port: 6666 TCP

startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "COM Service" 
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{42CE4021-DE03-E3CC-EA32-40BB12E6015D} "StubPath" 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "COM Service" 


added:
c:\WINDOWS\SYSTEM\mslg.blf 

MegaSecurity