by ?
Invisible telnet server that can bypass firewalls.
Written in Visual C++
Released in july 2003
Server:
c:\WINDOWS\winrcLoader.exe
size: 196.608 bytes
port: 1976 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "winrcLoader.exe"
registry added:
HKEY_CLASSES_ROOT\CLSID\{65863AB3-8D15-4953-8B66-281B2BCEC937}
HKEY_CLASSES_ROOT\Interface\{561E2361-8484-4EED-9E67-D9F7B19D54D2}
HKEY_CLASSES_ROOT\Interface\{B2B2EFCE-56DD-46A9-8530-DDB376199029}
HKEY_CLASSES_ROOT\NoLook.Spy
HKEY_CLASSES_ROOT\TypeLib\{1FC9D71A-6B65-41AB-BE9D-13A7DFA70DAD}
files added:
c:\WINDOWS\winrc.dll
c:\WINDOWS\winrc.htm
c:\WINDOWS\winrcLoader.exe
c:\WINDOWS\winrcobj.dll
MegaSecurity