by Senna Spy
Written in Visual Basic, protected with EXEStealth
Made in Brazil
Backdoor.Win32.VB.tt: dropped file: c:\WINDOWS\SYSBCKUP\Rundl1.exe size: 93.604 bytes port: 11 TCP startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Rundll6" data: C:\Windows\Sysbckup\Rundl1.exe dropped files: tested on Windows 98 July 25, 2005MegaSecurity