Taladrator 2.0 Beta 2.0

Taladrator 2.0 Beta 2.0
(Not detected by KAV on February 09, 2008)
(Backdoor.Win32.Taladrator.20 for Client)

by XpyXt

Written in Visual Basic

Released in December 2001

Made in Brazil


Server:
dropped file:
c:\WINDOWS\SYSTEM32\exewin32.exe 

size: 1.797.120 bytes

port: 29690, 39456 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "ExeWin32" 

added:
c:\WINDOWS\SYSTEM\scrrnes.dll 
c:\WINDOWS\SYSTEM32\trsys.sys

MegaSecurity