Backdoor.Win32.VB.c
(Backdoor.Win32.VB.c)

by Diego (?)

Original name is unknown

Written in Visual Basic

Made in Brazil

more in this category


Dropped file:
c:\WINDOWS\SYSTEM\32DLL.EXE 

size: 110.592 bytes 
 
port: 12560 TCP

startup:
HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\Ahw 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Alo" 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "Aem" 

Is capable of disabling some anti-virus programs.
Attempts to notify the hacker through ICQ.

MegaSecurity