NetCrack 1.3 alpha 3.0

NetCrack 1.3 alpha 3.0
(Trojan-Downloader.Win32.Atmader.10)
(Backdoor.Win32.NetCrack.13.d)
(Backdoor.Win32.Haxdoor)
(BBackdoor.Win32.Haxdoor.e)
(Trojan-Dropper.Win32.Dotf.14)
(Backdoor.Win32.NetCrack.13.g for server)

by Avenger

Written in Delphi

Released in July 2003

Made in Russia

more versions


Client:
dropped server:
c:\WINDOWS\SYSTEM\MPREXE.EXE (Backdoor.Haxdoor.e)

size: 19.968 bytes

port: 8008, 16661 TCP
 
startup:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\MPRServices\TestService 

added:
:\WINDOWS\SYSTEM\gate32.sys 
c:\WINDOWS\SYSTEM\lservice.exe  (Backdoor.Haxdoor.e)
c:\WINDOWS\TEMP\f1.exe 
c:\WINDOWS\TEMP\f2.exe 





Server:
c:\WINDOWS\SYSTEM\mswin.exe 

size: 27.486 bytes

port: 777, 778 TCP

startup:
c:\windows\system.ini, [boot] "shell"

MegaSecurity