Netsys 9.0
(Backdoor.Win32.Hupigon.bwzx for Client)
(Backdoor.Win32.Hupigon.bcm)
(Backdoor.Win32.Hupigon.blc)

by Zhou Jian

Written in Delphi

Released in July 2007

Made in China

more versions 


Server
Dropped File:
c:\WINDOWS\system32\ZRundlll.exe
Size: 282,953 bytes 

Added to Registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZRundlll\Security
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZRundlll\Security
	
	

Tested on Windows XP
March 05, 2008
MegaSecurity