Event ID - 30999

Port No30999
Service NameKuang2
RFC Doc0
ProtocolTCP
DescriptionWorks on Windows 95 and 98.
Reference LinkKuang2
AttackRegisters:
HLM\Software\Microsoft\Windows\CurrentVersion\Run

Files:
K2tv021.zip - K2ps034.zip - Ks2_0.zip - Kuang2.0.zip - Kuang.exe - 72,296 bytes Server_setup.exe - 6,656 bytes Temp$1.exe - _webcache_.exe K2ps.exe - 7,680 bytes K2ps.cfg - K2ps_full.exe - 14,848 bytes K2ps_setup.exe - 6,656 bytes K2tl_setup.exe - 7,680 bytes Tloader1.exe - 3,072 bytes Tloader2.exe - 4,608 bytes Tloader3.exe - 62,464 Vbrun4x.dll - 3,072 bytes Dupview.exe - 6,144 bytes K2vl.exe - 4,096 bytes

Actions:
Steals passwords

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.