by Michiel
IRC WARBOT 2.01, Internal Name: airtrox
Written in Visual Basic
Made in The Netherlands
See also Backdoor.VB.kn by Michiel
Dropped file: c:\WINDOWS\kernell32\rundll32.exe size: 131.072 bytes startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "kernell32_ins" Tries to connect to a specified IRC server to join a channel and listen for commandsMegaSecurity