Backdoor.Win32.VB.nb
(Backdoor.Win32.VB.nb)

by ?

Written in Visual Basic

more in this category


dropped files:
c:\WINDOWS\SYSTEM\Cljy.exe 
c:\WINDOWS\SYSTEM\HdvYOa.exe 
c:\WINDOWS\SYSTEM\JomS.exe 
c:\WINDOWS\SYSTEM\Kjl1.exe 
c:\WINDOWS\SYSTEM\Rox624U2.exe 
c:\WINDOWS\SYSTEM\TazK7.exe 
(all size: 225.355 bytes with random names) 


c:\WINDOWS\SYSTEM\Cxe0n.exe   
c:\WINDOWS\SYSTEM\Nye42n.exe 
c:\WINDOWS\SYSTEM\Ths89524.exe 
(all size: 442.443 bytes with random names)
 
c:\WINDOWS\SYSTEM\Uoh2kmBU.akh 
size: 1.104 bytes 


startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "4HP@ZD84BWBY8G" 

registry added:
HKEY_LOCAL_MACHINE\Software\4W85K5H45QJK27 

files are downloaded from the internet
See contents of "c:\WINDOWS\Temporary Internet Files\Content.IE5"

MegaSecurity