Backdoor.Win32.Delf.hr
(Backdoor.Win32.Delf.hr)

by Saif.N (?)

Written in Delphi, packed with UPX

more in this category


Dropped file:
c:\WINDOWS\Mhymeksj.exe
size: 365,568 bytes 

port: 1114 TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "LoadOrderVerification"
data: C:\WINDOWS\Mhymeksj.exe 



tested on Windows XP
April 09, 2005

MegaSecurity