PcShare 2005 Build 0727

PcShare 2005 Build 0727
(Backdoor.Win32.PcClient.cj)
(Backdoor.Win32.PcClient.bn)
(Backdoor.Win32.PcClient.bh)
(Backdoor.Win32.PcClient.bg)
(Trojan.Win32.Agent.gw)

by shesh

Written in Microsoft Visual C++

Released in July 2005

Made in China

more versions


Server:
size: 27,986 bytes

added to registry:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\SYSTEM
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\SYSTEM\0001
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{FCC0546B-075A-4729-96D6-CD283E50D55B}\Parameters\Tcpip
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\MediaCategories\{FB6C4286-0353-11d1-905F-0000C0CC16BA}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Session Manager\AppCompatibility\_SETUP.EXE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\{FCC0546B-075A-4729-96D6-CD283E50D55B}\Parameters\Tcpip
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCompatibility\_SETUP.EXE
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_YIJQJCLU\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{FCC0546B-075A-4729-96D6-CD283E50D55B}\Parameters\Tcpip

tested on Windows 2000
December 22, 2005

MegaSecurity