NeoControlRed 2.0.0
(Backdoor.Win32.ControlTotal.g)

by Pele

Written in Visual Basic, compressed with ASPack

Made in Chili

Released in March 2004

more versions 


Server:
dropped file:
c:\WINDOWS\SYSTEM\Logon32.exe 

size: 90.112 bytes 

port: 2032 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Logon32" 

dropped files:
c:\WINDOWS\SYSTEM\Control.ini 
c:\WINDOWS\SYSTEM\Logon32.exe
MegaSecurity