ForcedControl Uploader 1.0
(Backdoor.Win32.Delf.uw)
(Backdoor.Win32.Delf.gr for Server)
(Trojan.Win32.ICQPager.h)

by FC

Written in Delphi

Released in June 2004

more versions

 




Server:
dropped file:
c:\WINNT\MSGNET32.EXE
size: 25.088 bytes
 
port: 34999 TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Mircosoft IE"
data: C:\WINNT\MSGNET32.EXE

tested on win2000
MegaSecurity