Dialer.Moneytree

Updated: February 13, 2007 11:32:53 AM

Type: Dialer

Version: Not available

Publisher: mtree

Risk Impact: High

File Names: NSupd9x.inf UniDist.ocx dial.dll

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP

When Dialer.Moneytree is installed, it does the following:

Creates the following file:

%Windows%\Downloaded Program Files\UniDist.ocx
Creates the following registry subkeys:

HKEY_CLASSES_ROOT\CLSID\{BF279130-3F58-4E26-8043-CD5688A4D4C9} HKEY_CLASSES_ROOT\CLSID\{FC87A650-207D-4392-A6A1-82ADBC56FA64} HKEY_CLASSES_ROOT\CLSID\{C89BB48C-15D9-4F4F-803E-95D90F62BE62} HKEY_CLASSES_ROOT\CLSID\{E8EDB60C-951E-4130-93DC-FAF1AD25F8E7} HKEY_CLASSES_ROOT\Interface\{563E5DF0-2C1C-4513-BBF5-D380536BB8FC} HKEY_CLASSES_ROOT\Interface\{F332D106-2EF3-45C4-BAF2-0F739D76B26A} HKEY_CLASSES_ROOT\Interface\{9F2C17AC-9AA4-4C3A-82C7-EA7BCF00F03D} HKEY_CLASSES_ROOT\Interface\{CA7CCB52-6922-47E5-B784-3A3F82C51863} HKEY_CLASSES_ROOT\TypeLib\{11B6F65D-7B8D-43CB-9AAE-17234A1DB33A} HKEY_CLASSES_ROOT\TypeLib\{96B01A48-1317-4A87-91F7-10116F755705} HKEY_CLASSES_ROOT\MULTIDIST.MultiDistCtrl.1 HKEY_CLASSES_ROOT\UNIDIST.UniDistCtrl.1
May download and execute arbitrary code.

Writeup By: Sun Pak

Summary

Search Threats

Search by name

_{Example: W32.Beagle.AG@mm}