VirTool:WinNT/Koutodoor.C - KernelMode.info

VirTool:WinNT/Koutodoor.C

2 posts

2 posts

VirTool:WinNT/Koutodoor.C

#2575 by Jaxryley
Wed Sep 01, 2010 1:42 am

For testings and drops quite a few other exploits.

kav.exe - 20/42 - MS - VirTool:WinNT/Rootkitdrv.LH
http://www.virustotal.com/file-scan/rep ... 1283302046

(34.93 KiB) Downloaded 62 times

ApsX85.sys file dropped.
3/42 - Rootkit.Win32.Agent!IK
http://www.virustotal.com/file-scan/rep ... 1283305063

(4.49 KiB) Downloaded 58 times

Username

Jaxryley

Posts

140

Joined

Mon Mar 15, 2010 7:49 am

Trojan.Koutodoor

#6570 by Meriadoc
Sat May 28, 2011 3:29 pm

Creates rootkit component in %Windir%\system32\drivers\random.sys, BHO in %Windir%\system32\random.dll.

Installs rootkit as service, registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\random, installs BHO, backdoor, changes home page from list.

VT - http://www.virustotal.com/file-scan/rep ... 1306590843

http://www.virustotal.com/file-scan/rep ... 1306593871

.sys - http://www.virustotal.com/file-scan/rep ... 1306594826

.dll - http://www.virustotal.com/file-scan/rep ... 1306595781

Attachments

pass=malware
(225.88 KiB) Downloaded 75 times

Who controls the past controls the future
Who controls the present controls the past

Username

Meriadoc

Posts

195

Joined

Sat Mar 13, 2010 7:36 pm

Location

Cymru

Page 1 of 1
2 posts

Return to “Malware”

Display:

Sort by:

Sort by:

Jump to: