by Deadly Ripper
Released in June 2005
Made in Poland
Client:
dropped files:
c:\Documents and Settings\%user%\Local Settings\Temp\inst_rundll32.exe
size: 341,159 bytes
c:\Documents and Settings\%user%\Local Settings\Temp\ultimate_trojan.exe
size: 24,576 bytes
c:\WINDOWS\system32\bpk.dat Size: 359 bytes
c:\WINDOWS\system32\bpk.exe Size: 218,112 bytes
c:\WINDOWS\system32\bpkhk.dll Size: 26,112 bytes
c:\WINDOWS\system32\bpkr.exe Size: 7,168 bytes
c:\WINDOWS\system32\bpkwb.dll Size: 40,960 bytes
c:\WINDOWS\system32\inst.dat Size: 996 bytes
c:\WINDOWS\system32\pk.bin Size: 3,940 bytes
added to registry:
HKEY_CLASSES_ROOT\CLSID\{1D1B2879-99FF-11E3-8D96-D7ACAC95952A}
HKEY_CLASSES_ROOT\Interface\{1D1B2878-99FF-11E3-8D96-D7ACAC95952A}
HKEY_CLASSES_ROOT\SS.SS
HKEY_CLASSES_ROOT\TypeLib\{1D1B286C-99FF-11E3-8D96-D7ACAC95952A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\
tested on Windows XP
June 18, 2005
MegaSecurity