Backdoor.Win32.Delf.rm

Backdoor.Win32.Delf.rm
(Backdoor.Win32.Delf.rm)

by ?

Original name: SuperGG.exe

Written in Delphi


dropped file:
c:\WINDOWS\SYSTEM32\SVCHOST.exe

size: 391.680 bytes
 
port: 6000 TCP

startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "SVCHOST"
data: C:\WINDOWS\system32\SVCHOST.exe

MegaSecurity