Falcon Control 1.0 beta

FalcoN-ControL 1.0 beta
(Backdoor.Win32.GGDoor.017 for Server)

by ?

Released in March 2006

Made in Poland



Server:
dropped file:
c:\WINDOWS\smss.exe
size: 295,509 bytes 

added to registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run " "
data: C:\WINDOWS\smss.exe 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run " "
data: C:\WINDOWS\smss.exe 

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List "C:\WINDOWS\smss.exe"
data: C:\WINDOWS\smss.exe:*:Enabled:  

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List "C:\WINDOWS\smss.exe"
data: C:\WINDOWS\smss.exe:*:Enabled:  




tested on Windows XP
March 25, 2006

MegaSecurity