Registry Modifications
* The following Registry Key was created:
o HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServices
* The newly created Registry Values are:
o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
+ Windows Service Agent = “sup.exe”
so that sup.exe runs every time Windows starts
o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServices]
+ Windows Service Agent = “sup.exe”
so that sup.exe runs every time Windows starts
o [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
+ Windows Service Agent = “sup.exe”
so that sup.exe runs every time Windows starts
* The following ports were open in the system:
Port Protocol Process
1051 TCP wry.exe (%System%wry.exe)
1052 TCP wry.exe (%System%wry.exe)
1053 TCP wry.exe (%System%wry.exe)
1054 TCP wry.exe (%System%wry.exe)
1055 TCP sup.exe (%System%sup.exe)
* The following Host Name was requested from a host database:
o 81.93.167.102