Rewind 1.3

Rewind 1.3
(Backdoor.Rewindor.13)
(Backdoor.Vb.mh for Install wisock.exe & -SIN-.exe)
(Backdoor.NetDevil.10.Logger for a .cgi & b.cgi)

by Loki & B33T

Written in Visual Basic

Released in january 2004

more versions


Server:
c:\WINDOWS\Msgrt32.exe 

size: 495.788 bytes 

port: 1263, 1266, 6000, 6001 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "msgrt32" 

added:
c:\WINDOWS\DIjpg.dll 
c:\WINDOWS\WINSYS32.EXE

MegaSecurity