DTr 1.7 (a)
(Backdoor.Win32.DTR.17.a)

by Danil

Released in February 2004

Made in Ukrainia

more versions 




Server:
dropped files:
c:\WINDOWS\SYSTEM\nbsystem.exe   Size: 13.312  bytes
c:\WINDOWS\SYSTEM\dtr.dat 
c:\WINDOWS\SYSTEM\dtr.dll 
c:\WINDOWS\SYSTEM\nbsystem.dll 
c:\WINDOWS\SYSTEM\nbsystem.exe 

port: 10001 TCP

registry added:
HKEY_CLASSES_ROOT\CLSID\{B65965C0-65F3-11D8-A191-00A02480D0C4}\InProcServer32 "(Default)" 
data: nbsystem.dll 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad "NBSYSTEM" 
data: {B65965C0-65F3-11D8-A191-00A02480D0C4} 

freeware server is visible
MegaSecurity