Backdoor.Win32.Delf.ar
(Backdoor.Win32.Delf.ar)

by ?

Original name unknown

Written in Delphi, compressed with ASPack

more in this category


Backdoor.Win32.Delf.ar:
dropped file:
c:\WINDOWS\SYSTEM\SHELLAPI.EXE 

size: 239.106 bytes 

port: 901 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "ShellApi" 

MegaSecurity