Backdoor.Win32.Delf.ai
(Backdoor.Win32.Delf.ai)

by ?

Original name unknown

Written in Delphi

more in this category


Backdoor.Win32.Delf.ai:
c:\WINDOWS\kernel32.exe 

size: 139.264 bytes 

port: 113 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Windows" 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "Windows" 

added:
HKEY_CLASSES_ROOT\.vx 

Tries to connect to specified IRC server and joins a channel to listen for commands

MegaSecurity