Almq

Almq
(Backdoor.Win32.Delf.nj)

by [A]rab[E]vil[S]oftware

Written in Delphi

Made in the Middle East

Released in April 2004


Server:
dropped file:
c:\WINNT\system32\Server.exe

size: 34.820bytes
 
port: 36362 TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Registry"
data: C:\WINNT\system32\Server.exe

tested on Win2000

MegaSecurity