Backdoor.Win32.Delf.mb
(Backdoor.Win32.Delf.mb)

by ?

Real name is unknown

Written in Delphi, packed with UPX


more in this category


dropped file:
c:\WINDOWS\system32\Backdoor.Win32.Delf.mb.EXE
size: 89,620 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "QuickZip"
data: C:\WINDOWS\System32\Backdoor.Win32.Delf.mb.EXE 

HKEY_CLASSES_ROOT\Quicktlme\shell\open\command "(Default)"
data: "C:\WINDOWS\System32\Backdoor.Win32.Delf.mb.EXE" "%1" 


tested on Windows XP
December 10, 2005

MegaSecurity