Byshell 1.09 Build 20071209

Byshell 1.09 Build 20071209
(Backdoor.Win32.Visel.ax)
(Backdoor.Win32.Visel.ay for Server)

by ?

Released in December 2007

Made in China


Server
Dropped Files:
c:\WINDOWS\system32\SteelKernel32.dll    Size: 135,168 bytes 
c:\WINDOWS\system32\SteelKernel32.exe    Size: 192,512 bytes 

Startup:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_STEELKERNEL\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SteelKernel\Enum
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SteelKernel\Security
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_STEELKERNEL\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SteelKernel\Enum
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SteelKernel\Security




Tested on Windows XP
January 08, 2008

MegaSecurity