AntiMks 0.1 beta

AntiMks 0.1 beta
(Backdoor.Win32.Delf.mc for Setup.exe)
(Backdoor.Win32.Delf.md for AntiMks.exe)

by rsk

Written in Delphi

Released in January 2004

Made in Poland


Client:
port: 6711 TCP



Server:
dropped file:
c:\WINDOWS\svchost.exe 

size: 178.176 bytes 

port: 2004 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Generic Host Process for Win32 Services"

MegaSecurity