Backdoor.Win32.Delf.ll
(Backdoor.Win32.Delf.ll)

by ?

Original name: MS-Dial

Written in Delphi, compressed with UPX

more in this category


dropped files:
c:\WINDOWS\system32\Backdoor.Win32.Delf.ll.EXE
size: 89,108 bytes 

added to registry::
HKEY_CLASSES_ROOT\cxqfile\shell\open\command "(Default)"
data: "C:\WINDOWS\System32\Backdoor.Win32.Delf.ll.EXE" "%1" 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "MS-RunKey"
data: C:\WINDOWS\System32\Backdoor.Win32.Delf.ll.EXE 

HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\User Trusted External Applications "C:\WINDOWS\System32\Backdoor.Win32.Delf.ll.EXE"
data: Yes 

HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\Viewers "application/x-callswitch"
data: C:\WINDOWS\System32\Backdoor.Win32.Delf.ll.EXE 



tested on Windows XP
August 04, 2005

MegaSecurity