DFGbot 7.0.6
(Backdoor.Delf.lj)

by DFG

Written in Delphi, encrypted /compressed with tElock

Made in Romania

more versions 



dropped files:
c:\Program Files\dfgbot706.ini    size: 13.772 bytes 
c:\WINNT\system32\Tasknom706.scr  size: 279.552 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "MSFree706"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Tasknom706"

port: 1894 TCP

does connect to an IRC server

tested on win2000
MegaSecurity