lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20030914192409.GA32424@c0re.hysteria.sk>
From: ynezz at hysteria.sk (Petr Stetiar)
Subject: [TROJAN Win32] Can't identify trojan found on Win98SE box

Hi ALL,

I've found one trojan horse or whatever it is on one Win98SE box today.
I tried to find some info about it on google but didn't found anything.

This file was found in C:\Windows\System directory.
There were 2 unknown files to me actualy: msi2xec16.exe and mpldfg.exe
(both same size and content, verified by MD5)

You can download this file here:

http://takjo.net/mpldfg.exe-

win.ini
----------cut--------------
run=C:\WINDOWS\SYSTEM\MSI2XEC16.EXE
----------cut--------------

The same path was found also in registry under RUN key, if someone wants full
key I can post it later.


I'm just curious what kind of trojan it is, because I dont have motivation
to do anything on m$ powered "OS", but maybe someone...



Cheers,

Petr

-- 
     (__) --------------------------+------------------------------------------`
     (@@)  ynezz[at]hysteria[dot]sk | Customer: "I'm running WindowsXP SP39g"  |
 /----\/  - * - * - * - * - * - * - | Tech: "Yes"                              |
| |  ||    irc://ynezz@...net       | Customer: "My computer isn't working now"|
* ||-||    icq: 923432434           | Tech: "Yes, you said that"               |
  ^^ ^^ ----------------------------+------------------------------------------'


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ