Webserver

Webserver
(Backdoor.Delf.mm)

by ?

Written in Delphi, compressed with UPX

Released in July 2004

Made in China




dropped file:
c:\WINDOWS\SYSTEM\rising.exe

size: 210.432 bytes 
	
port: 80 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "rising"
data: rising.exe

remark:
This webserver was is detected on 31 July 2004 as "Backdoor.Delf.mm".
PA HAC 1.0 Beta 2004 is also detected as "Backdoor.Delf.mm".

MegaSecurity