by Mines the Sun
aka Black Star
Made in China
Released in January 2000
Server:
dropped files:
c:\WINDOWS\SYSTEM\Internet.exe Size: 144.872 bytes
c:\WINDOWS\SYSTEM\uaiia.exe Size: 144.872 bytes
c:\WINDOWS\Explore.exe
c:\WINDOWS\regeditEx.exe
c:\WINDOWS\Winhlp32Ex.exe
c:\WINDOWS\SYSTEM\Internet.exe
c:\WINDOWS\SYSTEM\uaiia.exe
c:\WINDOWS\Regedit.exe (replaced)
port: 7648, 3215 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Internet.exe"
HKEY_CLASSES_ROOT\txtfile\shell\open\command "(Default)"
c:\windows\win.ini, [windows] "run"
MegaSecurity