ScreenGrab
(Backdoor.Win32.ScreenGrab)

by Underboss

Written in Visual Basic

Released in July 2001

more versions 


Server:
dropped files:
c:\WINDOWS\SYSTEM\pic.dll    size: 187.392 bytes 
c:\WINDOWS\SYSTEM\win32.exe  size: 36.864 bytes 

port: 32456, 1065 TCP

startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Microsoft"
data: win32.exe
MegaSecurity