RTB 666 1.64
(Backdoor.Win32.RTB.164.a)
(Backdoor.Win32.RTB.164.b)
(Backdoor.Win32.RTB.164.c)

by R*fl*x

Compressed with ASPack

Released in August 2001

Made in Poland

more versions


Server:
dropped file:
c:\WINDOWS\SYSTRAY.EXE
size: 230.011 bytes 
 
port: 623, 680 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Zasobnik systemowy"
data: C:\WINDOWS\SYSTRAY.EXE 



tested on Windows 98
November 21, 2004

MegaSecurity