Backdoor.Win32.VB.bh
(Backdoor.Win32.VB.bh)

by ?

Internal name: Bengame

Original Filename: Bengame.exe

Written in Visual Basic

Made in China

more in this category 


Dropped files:
c:\WINDOWS\BENLET.EXE 
c:\WINDOWS\SYSTEM\BENRUN.EXE 
c:\WINDOWS\SYSTEM\BENSET.EXE 
c:\WINDOWS\DIALER.EXE 

size: 67.072 bytes 

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "MSTaskMonitor" 
HKEY_CLASSES_ROOT\chm.file\shell\open\command "(Default)" 
HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)" 
HKEY_CLASSES_ROOT\scrfile\shell\open\command "(Default)" 
HKEY_CLASSES_ROOT\txtfile\shell\open\command "(Default)" 
c:\windows\win.ini, [windows] "run" 

dropped files:
c:\WINDOWS\BENLET.EXE 
c:\WINDOWS\SYSTEM\BENRUN.EXE 
c:\WINDOWS\SYSTEM\BENSET.EXE 
c:\WINDOWS\DIALER.EXE
MegaSecurity