Almetyevsk (b)
(Backdoor.Win32.Almetyevsk.b)

by ?

Written in Delphi, compressed with ASPack


more versions 




dropped file:
c:\WINDOWS\SYSTEM\WinRar.exe
size: 170.496 bytes 

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Tatais"
data: C:\WINDOWS\SYSTEM\Tatais.exe 


tested on Windows 98
January 23, 2006
MegaSecurity