Grieve Logger Public V2

Re: Malware/Not classified

#5439 by EP_X0FF
Fri Mar 11, 2011 6:26 pm

markusg wrote:java.exe
http://www.virustotal.com/file-scan/report.html?id=6e1185f79538ffee18c1541e33ef2e4cc674e0ed7fda7ce1918536069423f01e-1299866816

Grieve Logger Public V2.

Just "hacked" this crap.

email: sharpf50@gmail.com
pass: hellomoto1

Email password has been changed. So this crap is now mine :)

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
DisableTaskMgr
\Tmp5975.exe
\Tmp7660.exe
\drivers\etc\hosts
127.0.0.1 http://www.virustotal.com
127.0.0.1 virustotal.com
127.0.0.1 novirusthanks.org
127.0.0.1 vscan.novirusthanks.org
127.0.0.1 virusscan.jotti.org
127.0.0.1 http://www.virusscan.jotti.org
127.0.0.1 virscan.org
127.0.0.1 http://www.virscan.org
127.0.0.1 virus-trap.org
127.0.0.1 http://www.virus-trap.org
127.0.0.1 filterbit.com
127.0.0.1 http://www.filterbit.com
127.0.0.1 viruschief.com
127.0.0.1 http://www.viruschief.com
127.0.0.1 kaspersky.com
127.0.0.1 http://www.kaspersky.com
Software\Microsoft\Windows\CurrentVersion\Run
smtp.gmail.com

+====Logs====+
[Copy]
[Paste]
[TAB]
[END]
[ESC]
[CTRL]
[ALT]
[Page Up]
[Page Down]
[Home]
[Insert]
[End]
[Esc]
[Prt Screen]
[DEL]

Reports (in Trash bin also 260 emails, is about ~20 affected users)

Botmaster IP's :)

67.204.18.208 (dsl-67-204-18-208.acanac.net)
69.172.104.30 (dsl-69-172-104-30.acanac.net)

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact

Grieve Logger Public V2

Attachments

Re: Malware/Not classified