StrikeBackdoor 060
(Backdoor.Win32.Stridor.e for Client)
(Backdoor.Win32.Delf.yw for Server)

by Bartlomiej B

Written in Delphi, compressed with UPX

Released in April 2005

Made in Poland

Server:
dropped files:
c:\WINDOWS\error.bat               Size: 216 bytes 
c:\WINDOWS\system32\DirectX3D.dll  Size: 267,264 bytes 
c:\WINDOWS\system32\winlong.exe    Size: 267,264 bytes 

port: 6868 TCP

added to registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Winlong"
data: C:\WINDOWS\system32\winlong.exe 

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List

tested on Windows XP
April 29, 2005