Lamers Death 2.7 RC2 (b2)

Lamers Death 2.7 RC2 (b2)
(Backdoor.Win32.Death.27.a for editor.dll)
(Backdoor.Win32.Death.27.b for Client)
(Backdoor.Win32.Death.27.b for Server)
(Backdoor.Win32.Death.26 for editor)

by FreeLoader

Written in Delphi

Released in February 2003

Made in Russia

more versions


Server:
c:\WINDOWS\winsock.exe 

size: 271.747  bytes

port: 30003 TCP

startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "winsock.exe" 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "winsock.exe" 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "winsock.exe" 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce "winsock.exe" 
c:\windows\win.ini, [windows] "load" 
c:\windows\win.ini, [windows] "run
c:\windows\system.ini, [boot] "shell" 

added:
c:\WINDOWS\SYSTEM\internat.exe 
c:\WINDOWS\SYSTEM\runexec.dll

MegaSecurity