Nuclear

Posted: March 28, 2006

Nuclear is a dangerous, complex backdoor that gives a remote attacker full unauthorized access to a compromised PC.

Registry Modifications

  • The following Registry values are newly created:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\example
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\Shell\Open\Command\@=rundll32.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Common Startup=%Windir%NR
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\example
  • The following CLSIDs were detected:
    411EDCF7-755D-414E-A74B-3DBB65570589
