Little Witch 4.1
(Backdoor.Win32.LittleWitch.41)

by Axlito

Made in Argentina

more versions


Server:
dropped file:
C:\WINDOWS\SYSTEM\RUNDLL.EXE

size: 218 KB

port: 31320 TCP
      31320 UDP

startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKLM\Software\Microsoft\Windows\Currentversion\explorer

MegaSecurity