by WishMaster and Soulbaker
Written in Visual Basic
Made in Brazil
Server: dropped file: c:\WINDOWS\SYSTEM\BACKDOOR.HOSTCONTROL.30.EXE size: 118.918 bytes port: 10528, 11051, 15092 TCP startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "KernelRunning" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Windows System" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "NortonAntiVirus"