Home Malware Programs Trojans Kondeli

Kondeli

Posted: March 28, 2006

Kondeli is a relatively harmless trojan, which infects remote PCs running Microsoft Windows operating computer with unpatched security flaws.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 klein.exe
    2 winmain.exe
    3 z.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunwinui=C:z.exeHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsNTCurrentVersionWinlogonShell=explorer.exewinmain.exe
Loading...