StrikeBackdoor 096
(Backdoor.Win32.Stridor.d)

by Bartlomiej B

Compressed with UPX

Released in June 2005

Made in Poland

Server:
Dropped files:
c:\WINDOWS\error.bat               Size: 236 bytes 
c:\WINDOWS\system32\DirectX3D.dll  Size: 288,256 bytes 
c:\WINDOWS\system32\winlong.exe    Size: 288,256 bytes 

Ports: 6868, 6869 TCP

Added to registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Winlong"
data: C:\WINDOWS\system32\winlong.exe 

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List "C:\Documents and Settings\Kobayashi\Desktop\strike_backdoor_0.96\server.exe"
data: C:\Documents and Settings\%user%\Desktop\strike_backdoor_0.96\server.exe:*:Enabled:PORT P2P 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List "C:\Documents and Settings\Kobayashi\Desktop\strike_backdoor_0.96\server.exe"
data: C:\Documents and Settings\%user%\Desktop\strike_backdoor_0.96\server.exe:*:Enabled:PORT P2P 



Tested on Windows XP
June 15, 2005