Vortex

Vortex
(Backdoor.Win32.Vb.tk)

by Splinter

Written in Visual Basic

Released in April 2004





Server:
size: 76.168 bytes

port: 911, 981, 980 TCP

added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Windows"
data: c:\windows\system\Explorer.exe 

tested on win2000



on win98:
dropped file:
c:\WINDOWS\SYSTEM\Explorer.exe
size: 76.168 bytes 

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Windows"
data: c:\windows\system\Explorer.exe

MegaSecurity