Backdoor.Win32.Delf.au
(Backdoor.Win32.Delf.au)

by ?

Original name unknown

Written in Delphi, compressed with ASPack

more in this category


Backdoor.Win32.Delf.au:
dropped file:
c:\WINDOWS\SYSTEM\Kernel32.exe
size: 210.944 bytes 
	
port: 1979 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Kernel"
data: C:\WINDOWS\SYSTEM\Kernel32.exe 

MegaSecurity