by Mohammad
Written in Delphi, compressed with PECompact
Released in December 2005
Made in Iran
Troya is a WebRAT (Web Remote Access Tool) It uses Internet Explorer to connect to Remote PC. For Example: http://217.218.10.16/ Coded by: Borland Delphi 6.0 Released in: Dec. 2005 Mohammad Server: dropped files: c:\WINDOWS\WinLoaderXP.exe Size: 275,456 bytes c:\WINDOWS\system32\explorer64.exe Size: 11,264 bytes port: 800 TCP startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "GenericHostXP" data: C:\WINDOWS\WinLoaderXP.exe tested on Windows XP March 04, 2006MegaSecurity