Backdoor.Win32.Delf.cb
(Backdoor.Win32.Delf.cb)

by ?

Written in Delphi

Probably made in Spain

more in this category




Backdoor.Win32.Delf.cb:
changed file:
c:\AUTOEXEC.BAT
data:  "@COPY C:\WINDOWS\DESKTOP\BACKDOOR.WIN32.DELF.CB.EXE C:\windows\fpanda.exe"
	
added to registry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "APVXD"
data: c:\windows\fpanda.exe 

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "APVXDWIN"
data: C:\WINDOWS\DESKTOP\BACKDOOR.WIN32.DELF.CB.EXE

attempts to connect to an IP located in Spain


tested on Windows 98
May 02, 2005

MegaSecurity