[X]-ztoo 1.0

[X]-ztoo 1.0
(Backdoor.Win32.VB.nr for Client)
(Backdoor.Win32.Icebrak for Server)

by AM2o

Written in Visual Basic

Released in January 2004


Server:
dropped file:
c:\WINDOWS\SYSTEM32\SERVER.exe 

size: 679,936 bytes
 
port: 66, 6666, 5600, 4433, 5024 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Norton001"

MegaSecurity