Black QQ Robber 1.6 Build0429

Black QQ Robber 1.6 Build0429
(Trojan-PSW.Win32.QQRob.dm)
(Trojan-PSW.Win32.QQRob.16.ab)

by ?

Written in Delphi

Released in April 2006

Made in China


Server:
dropped files:
c:\WINDOWS\system32\MsHx.dll       Size: 33,961 bytes 
c:\WINDOWS\system32\mswosck.dll    Size: 16,896 bytes 
c:\WINDOWS\system32\NAWROV.exe     Size: 33,961 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "U4F2G6"
data: C:\WINDOWS\System32\NAWROV.exe 
 


tested on Windows XP
May 02, 2006

MegaSecurity