MagicLink
This is a very dangerous RAT virus. It can disable firewall protection. The pest also has the ability to send victims IP to the attacker automatically, so he has the opportunity to connect as soon as the infection is finished. Many versions of this pest appeared in the internet from April 2000 to February 2004. The author is a Chinese hacker called CMJ Soft. The pest was written in Delphi and compressed with UPX. It affects such operating computers as Windows 95, 98, ME, 2000 and XP.
File System Modifications
- The following files were created in the system:
# File Name 1 -º+¿+++¦.exe 2 10.txt 3 202.txt 4 210.txt 5 211.txt 6 77f0f95c.exe 7 backdoor.cmjspy.24.exe 8 ccs.css 9 faq.htm 10 feature.htm 11 function.htm 12 gettingstarted.txt 13 help.chm 14 index.htm 15 info.htm 16 ip.magic 17 jk52.txt 18 left.htm 19 m$n corruption.exe 20 magic link.exe 21 magic.exe 22 magic.server 23 magiclink.exe.set 24 magiclink.ini 25 magiclink15.exe 26 magiclinktrial.exe 27 magicserver.dll 28 method.htm 29 mmdlltxt.htm 30 mmsysdll.dll 31 other.txt 32 readit.txt 33 readme.txt 34 readmenow.txt 35 register.htm 36 server.exe 37 stemdllcou.vxd 38 tdllcope.vxd 39 upgrade.htm 40 whyregister.htm 41 zipdll.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionunmagiclinkserver
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.