Fear 1.1.0

FeaR 1.1.0
(Backdoor.Win32.Feardoor.a for Server & Conv.dll)
(Backdoor.Win32.Feardor.10 for agent.exe)
(Backdoor.Win32.Feardoor.20 for plugins)

by SNiPER109

Written in Visual Basic

Released in July 2004

Made in Germany

more versions




Server:
dropped file:
c:\WINNT\krnl64.dll.exe

size: 64.607 bytes
 
port: 1212, 1213, 1214, 1215 TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "WinLogonApplication"
data: C:\WINNT\krnl64.dll.exe 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RUNSERVICES "WinLogonApplication"
data: C:\WINNT\krnl64.dll.exe 

tested on Windows2000

MegaSecurity