TroDjan 1.0
(Backdoor.Win32.Delf.kba)
(Backdoor.Win32.Hupigon.cwsq for Server)
(not-a-virus:RemoteAdmin.Win32.WinVNC.j)

by Kaju

Written in Delphi

Released in July 2008

Made in Brazil

more versions

 


Server
Dropped Files:
c:\WINDOWS\system32\wins.sys           Size: 21 bytes 
c:\WINDOWS\system32\win\svchost.exe    Size: 726,599 bytes 

Startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Isass"
Data: C:\windows\system32\win\svchost.exe 




Tested on Windows XP
July 2, 2008

MegaSecurity