Barbie

Barbie
(Backdoor.Win32.Barbie)

by s0niCBo0M

Original Filename: Show_IP.exe

Written in Visual Basic


Backdoor.Barbie:
dropped file:
C:\WINDOWS\SYSTEM\DDRAW16.EXE

size: 74.240 bytes

port: 30000 TCP

startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

MegaSecurity