NetMonitor 1.0

NetMonitor 1.0 (build 81005)
(Backdoor.Netspy.10.b)
(Backdoor.Netspy.10.c)

by Tiger and Bpple (Tiger Liu)

aka NetSpy

Written in Microsoft Visual C++

Released in December 1998

Made in China


Server:
dropped file:
c:\WINNT\system32\netspy.exe
size: 141.312 bytes
 
port: 7306, 7307, 7308 TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "netspy"
data: netspy.exe
 
tested on Windows 2000

MegaSecurity