NeoControlRed 4.0.1
(Backdoor.Win32.ControlTotal.k for Client)
(Backdoor.Win32.ControlTotal.aa)

by Pele

Written in Visual Basic

Released in August 2004

Made in Chili

more versions 


Server:
dropped file:
c:\WINDOWS\SYSTEM\Logon32.exe

size: 75.264 bytes
 
port: 2032 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Logon32"
data: C:\WINDOWS\SYSTEM\Logon32.exe
MegaSecurity