by ?
Written in Visual Basic, compressed with UPX
Backdoor.Win32.VB.zu: dropped files: c:\WINDOWS\svchosts.exe Size: 62,833 bytes c:\WINDOWS\system32\ckl009.dat Size: 859 bytes c:\WINDOWS\system32\wsock.dll Size: 161,280 bytes (Backdoor.Win32.Ciadoor.13) c:\WINDOWS\system32\wsock.ini Size: 62,833 bytes port: 6333 TCP startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Generic Host Process" data: C:\WINDOWS\svchosts.exe tested on Windows XP August 31, 2005MegaSecurity