Zhangpo
(Backdoor.Win32.Zhangpo)

by ?

aka Backdoor2002

Written in Visual C++

Released in October 2002

Made in China



Dropped file:
c:\WINDOWS\configure.exe 

size: 303.117 bytes

port: 9689 TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Config"
data: C:\WINNT\configure.exe

acts as a worm; uses smtp.etang.com to send mail
can restart the computer
can format the hard disk
searches for FTP servers on the local network and attempts to transmit fuck.exe

tested on Windows 2000

MegaSecurity