masterU

masterU
(Backdoor.Win32.MasterU)

by master

Written in Delphi

Made in Brazil


Server
dropped file:
c:\WINDOWS\SYSTEM\WinampLoad.exe 

size: 142.848 bytes
 
port: 54320, 54321 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Winamp"

MegaSecurity