Porti
Jp, to bo to, ja – SoftWAR in pa Infector se replicirata preko 1207/1208
Evo, da ju boš lažje lociral in odstranil:
Name: SoftWAR
Aliases: Shadow Thief, Softwarst,
Ports: 1207 (???)
Files: Softwar.zip – 327,765 bytes Soft-war.zip – 266,469 bytes Softwar.exe – 228,352 bytes Softwarst.exe – 357,738 bytes Trojan.exe – 60,928 bytes Swizard.exe – 79,872 bytes Winserv.exe – Infect1.exe – 16,896 bytes Infect2.exe – 21,504 bytes Sample1.exe – 4,096 bytes Sample2.exe – 8,192 bytes Pkzip.exe – 42,166 bytes Pegraft.exe – 72,192 bytes Mspr.dll – Server – 8,192 bytes Client – 94,720 bytes
Created: Oct 1999
Requires: N/A
Actions: Remote Access / Keylogger
Versions: N/A
Registers: HLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Notes: Works on Windows 95 and 98. English and French versions. Default password = SoftWAR! . Independent third party plug-ins are accepted.
Country: written in France
Program: Written in Assembler (Win32asm).
———————————————————————————-
Name: Infector
Aliases: The Infector, FC Infector,
Ports: 146, 146 (UDP), 1208, 17569, 24000, 30000 (ports can not be changed)
Files: Fc.zip – 462,863 bytes Infector.zip – 95,103 bytes Infector.zip – 101,764 bytes Infector1.0.zip – 285,601 bytes Infector1.3.zip – 445,950 bytes Infector1.4.zip – 504,012 bytes Infector1.4.2.zip – 570,490 bytes Infector1.6.zip – 604,218 bytes Infector1.6a.zip – 661,515 bytes Infector1.6b.zip – 691,336 bytes Infector1.7c.zip – Infector_1.7_bonus.zip – Infector2.0.zip – 36,395 bytes Infector9.0.zip – 5,599 bytes Infector_v2.zip – 35,713 bytes Infector.exe – 18,929 bytes Infector.exe – 87,944 bytes Infector.exe – 184,832 bytes Infector.exe – 291,840 bytes File_id.exe – 3,632 bytes Client.exe – 174,080 bytes Client.exe – 178,176, bytes Client.exe – 294,912 bytes Client.exe – 333,824 bytes Server.exe – 120,320 bytes Server.exe – 293,888 bytes Server 1.6b_new.exe – 527,872 bytes Unpacked _server.exe – 299,008 bytes Unpacked_server.exe – 300,544 bytes Editsrv.exe – 114,688 bytes Editsrv.exe – 140,800 bytes Editsrv.exe – 233,984 bytes Editsrv.exe – 236,544 bytes Editserv.exe – 141,312 bytes Fc32.exe – 414,208 bytes Fc_1.6server_a.exe – 534,016 bytes Uhanfo.exe – 6,912 bytes Trojan.exe – D3x.drv – Setup.int – ??? bytes Msnapplication.exe – – 532,016 bytes
Created: April 1999
Requires: N/A
Actions: Downloading trojan / Trojanizes EXE-files / Trojan droper / ICQ trojan
Alters System.ini. Trojanizes files and adds about 29k to the infected file. It may only be configuerad only when connected to the trojan server. The file “Setup.int ” consists of all logged keys the user has pressed. The server is always distributed in a uncompresed version, so others can us any compresor of their choice. It also make the server harder to detect. Version 1.7 bonus is a recompiled version of 1.7 – the same trojan but with a different signature.
Versions: 0.9, 1.0, 1.3, 1.4, 1.42, 1.6, 1.6a, 1.6b, 1.63, 1.7, 1.7b, 1.7c, 1.8, [2.0 ?],
Registers: Does not register.
Notes: Works on Windows 95, 98 and ME, together with ICQ.
Country: written in Great Britain
Program: Written in Delphi.
Forum je zaprt za komentiranje.