Molena 1.10

Molena 1.10
(HackTool.Win32.VB.er for Setup.exe)
(Backdoor.Win32.SdBot.laj for Client)
(Backdoor.Win32.Rbot.yaf for Edit Server.exe)
(Backdoor.Win32.VB.acu for server.exe)

by Red Move

Written in Visual Basic, compressed with UPX

Released in December 2004

more versions


Server:
dropped file: 
c:\WINDOWS\system32\Knrl32.exe
size: 24,124 bytes 

startup:
HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)"
old data: "%1" %* 
new data: Knrl32.exe opext "%1" %* 




tested on Windows XP
June 01, 2005

MegaSecurity