Darksun 2.2
(Backdoor.Win32.G_Door.b)

by ?

Compressed with UPX

Released in April 2000

Made in China

more versions 


Server:
dropped files:
c:\WINDOWS\SYSTEM\KERNEL32.EXE 
c:\WINDOWS\SYSTEM\Sysexplr.exe 

size: 266.383 bytes

port: 7626 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "help" 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "(Default)" 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "help" 
HKEY_CLASSES_ROOT\txtfile\shell\open\command "(Default)"
MegaSecurity