Tasmer (b)
(Backdoor.Win32.Tasmer.b)

by ?

more versions

Written in C 


dropped file:
c:\WINDOWS\system32\tskmngr.exe
size: 46.395 bytes 
	
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Task Manager"
data: tskmngr.exe 

port: 46666, 113 TCP

attempts to connect to an IRC server (after reboot)

tested on Windows XP
December 12, 2004
MegaSecurity