Name: Agent 4021
Keys: value added
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
"HRZR_EHACNGU:P:\hamvccrq\Ntrag40421\nfqf.rkr"
Type:
REG_BINARY
Data:
51, 00, 00, 00, 06, 00, 00, 00, C0, 5B, 19, 65, 19, B7, C0, 01
Version: Master’s paradise v8.0
Type: remote admin/access
Port/s used: 31
Files: none
Modifies: c:\WINDOWS\CLASSES.DAT
Aliases:
This trojan is masters paradise, just renamed.
Behaviour: once executed does not run in
stealth and can be shut by using ctrl-alt-del and ending the task asds
Removal: delete asds.exe
Special: none
Author: NA
Notes: This is a very old
trojan, which was popular a few years back, it is fairly uncommon now and
because it isn’t very stealthy and does not auto load it isn’t widely used by
trojan hackers.
Downloaded versions of this trojan don’t seem to come with a client, just the server.