Troya 1.4
(Backdoor.Win32.Masot.f for Server)
(Backdoor.Win32.Masot.c for EditServer)

by SMA Soft

Written in Delphi

Released in October 2006

Made in Iran

more versions 





Server:
dropped files:
c:\WINDOWS\Troya.log
c:\WINDOWS\WinLoaderXP.exe    Size: 304,128 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "GenericHostXP"
data: C:\WINDOWS\WinLoaderXP.exe 
	
	

tested on Windows XP
January 23, 2007
MegaSecurity