Erazer 1.0
(Backdoor.Win32.Agent.bz)

by (v)aster

Written in Delphi

Released in August 2004

Made in Austria

more versions




Server:
dropped file:
c:\WINNT\MsgNet32.exe

size: 811.520 bytes 

port: 10426, 56185 TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Microsoft Net"
data: C:\WINNT\MsgNet32.exe 

tested on win2000

MegaSecurity