message box displayed by backdoor
by ?
Written in Delphi
dropped files: c:\WINDOWS\0.0 Size: 25 bytes c:\WINDOWS\br.dll Size: 10,656 bytes c:\WINDOWS\cftmon.exe Size: 244,485 bytes c:\WINDOWS\mirc.dll Size: 244,485 bytes startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "ctfmon" data: C:\WINDOWS\cftmon.exe attempts to connect to an IRC Server tested on Windows XP January 09, 2006MegaSecurity