Capability to block access to several security-related Web sites by modifying the hosts file.
Communication with a remote IRC server.
Modifies some system settings that may have negative impact on overall system security state.
Installs a default debugger that is injected into the execution sequence of a target application. If a threat is installed as a default debugger, it will be run every time a target application is attempted to be launched – either to mimic it and hide its own presence (e.g. an open port or a running process), or simply to be activated as often as possible.
- To mark the presence in the system, the following Mutex objects were created:
- V8x
- V8
- The following Host Names were requested from a host database:
- subatomic.chinasexexchange.info
- rewt.myrepublicofchina.info
- rwt.nkoreaconsult.info
- maxim.nkoreaeexchange.info
- con.citiesofchina.info
- sex.nkoreaeexchange.info
- slanty.japancarimports.info
- debug.newskoreaimports.info
- gewber.chinasexexchange.info
- netsec.skoreatransfers.info
- datapipe.japancarimports.info
- msc.citiesofchina.info
- code0.nkoreawarefare.info
- mutated.chinesedataline.info
- lost.chinesedataline.info
- overlord.newskoreaimports.info
- dbc.skoreatransfers.info
- launch.nkoreawarefare.info
- dbc.nkoreaconsult.info
- expanse.myrepublicofchina.info
- dev.citiesofchina.info
- There were registered attempts to establish connection with the remote hosts. The connection details are:
| subatomic.chinasexexchange.info | 6501 |
| maxim.nkoreaeexchange.info | 9103 |
| lost.chinesedataline.info | 9103 |
| con.citiesofchina.info | 51601 |
| sex.nkoreaeexchange.info | 22048 |
| slanty.japancarimports.info | 52019 |
| gewber.chinasexexchange.info | 9899 |
| mutated.chinesedataline.info | 9899 |
| netsec.skoreatransfers.info | 7601 |
| datapipe.japancarimports.info | 5276 |
| msc.citiesofchina.info | 8764 |
| code0.nkoreawarefare.info | 34091 |
| dev.citiesofchina.info | 31960 |
PASS su1c1d3
NICK �0USAt2w8xjzfth
USER XP-SP2 x x :COMPUTERNAME
JOIN ##net n3t!
NICK �0USAjk8k4e3mx7
NICK �0USAuxpgf9sc5z
NICK �0USA9u408p5zlk
NICK �0USAg9filb7nxn
NICK �0USAzj1h536rtq
NICK �0USAyu4jebtbyd
NICK �0USAkfklyi8afp
NICK �0USAle1f2bdlzp
NICK �0USAqcmdhjbrtr
NICK �0USAhvcyqgcuf0
NICK �0USAhl1eks6224
NICK �0USAblcvzgl5xi
NICK �0USAeutsn6g7js
NICK �0USAeyv4nv3wts
NICK �0USAw9l1vawkbl
NICK �0USAummoclt5c6
NICK �0USAz8lttd7ijb
NICK �0USAuykdwxpre9
NICK �0USAaugrcjirp1