Tuesday, 21 December 2004
Backdoor.Lateda is a backdoor Trojan horse program that allows an attacker to download and run files on the infected machine. It also receives commands from an attacker through IRC.
When Backdoor.Lateda is executed, it performs the following actions:

1. Copies itself as %System%\dllcachev2.exe.

   Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

2. Adds the value:

   "DllCacherv2" = "%System%\dllcachev2.exe"

   to the registry key:

   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

   so that it will run when Windows starts.

3. Connects to an IRC server on the domain s3.hanged.tk through TCP port 6667, and joins the channel ##stwo##.

4. Opens a backdoor on TCP port 9999, and waits for commands.

5. Allows the attacker to perform the following actions:
   - Download and run files
   - Delete files
   - Uninstall the backdoor
   - Download and install updates to the backdoor
   - Perform a SYN flood

6. Creates a mutex named "lateda", so that only one copy will run at once.
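The indicators above (the dropped file, the Run value, the listening and IRC ports, and the mutex) are all things a responder can check directly on a suspect host. The script below is an added example and is not Symantec's code: the file name, registry value, port numbers and mutex name come from this write-up, while the function names and the choice to also probe the Global\ mutex namespace are assumptions.

```powershell
# Added example (not Symantec's code): host-side check for the Backdoor.Lateda
# indicators listed in the write-up. Indicator values are taken from the text;
# the function names and the Global\ mutex prefix are assumptions.
# Run in an elevated session on Windows 8 / Server 2012 or later (Get-NetTCPConnection).

$Indicators = @{
    FileName     = 'dllcachev2.exe'
    RunKey       = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
    RunValueName = 'DllCacherv2'
    BackdoorPort = 9999
    IrcPort      = 6667
    MutexName    = 'lateda'
}

function New-Finding([string]$Indicator, [string]$Detail, [bool]$Found) {
    [pscustomobject]@{ Indicator = $Indicator; Detail = $Detail; Found = $Found }
}

function Test-LatedaFile {
    # The sample copies itself to %System%\dllcachev2.exe; SystemDirectory resolves %System%.
    $path = Join-Path ([Environment]::SystemDirectory) $Indicators.FileName
    New-Finding 'File' $path (Test-Path -LiteralPath $path -PathType Leaf)
}

function Test-LatedaRunKey {
    # Persistence: the "DllCacherv2" value under HKLM\...\Run.
    $props = Get-ItemProperty -Path $Indicators.RunKey -ErrorAction SilentlyContinue
    $value = ($props.PSObject.Properties | Where-Object { $_.Name -eq $Indicators.RunValueName }).Value
    New-Finding 'RunKey' "$($Indicators.RunValueName) = $value" ([bool]$value)
}

function Test-LatedaPorts {
    # Backdoor listener on TCP 9999, and any established session to remote TCP 6667.
    # The write-up names s3.hanged.tk; the remote address is reported so it can be compared.
    $listen = Get-NetTCPConnection -State Listen -LocalPort $Indicators.BackdoorPort -ErrorAction SilentlyContinue
    foreach ($c in $listen) {
        $proc = (Get-Process -Id $c.OwningProcess -ErrorAction SilentlyContinue).ProcessName
        New-Finding 'Listener' "tcp/$($c.LocalPort) pid $($c.OwningProcess) ($proc)" $true
    }
    if (-not $listen) { New-Finding 'Listener' "tcp/$($Indicators.BackdoorPort)" $false }

    $irc = Get-NetTCPConnection -State Established -RemotePort $Indicators.IrcPort -ErrorAction SilentlyContinue
    foreach ($c in $irc) {
        $proc = (Get-Process -Id $c.OwningProcess -ErrorAction SilentlyContinue).ProcessName
        New-Finding 'IRC' "$($c.RemoteAddress):$($c.RemotePort) pid $($c.OwningProcess) ($proc)" $true
    }
    if (-not $irc) { New-Finding 'IRC' "remote tcp/$($Indicators.IrcPort)" $false }
}

function Test-LatedaMutex {
    # Single-instance mutex "lateda". The session-local name is tried first, then the
    # Global\ namespace (assumption: the write-up does not say which namespace is used).
    foreach ($name in @($Indicators.MutexName, "Global\$($Indicators.MutexName)")) {
        try {
            $m = [System.Threading.Mutex]::OpenExisting($name)
            $m.Dispose()
            return (New-Finding 'Mutex' $name $true)
        } catch [System.Threading.WaitHandleCannotBeOpenedException] {
            # No mutex under this name; try the next candidate.
        } catch [System.UnauthorizedAccessException] {
            # The object exists but cannot be opened from this context: still a hit.
            return (New-Finding 'Mutex' "$name (exists, access denied)" $true)
        }
    }
    New-Finding 'Mutex' $Indicators.MutexName $false
}

$findings = @(Test-LatedaFile; Test-LatedaRunKey; Test-LatedaPorts; Test-LatedaMutex)
$findings | Format-Table -AutoSize
$hits = @($findings | Where-Object Found).Count
if ($hits -gt 0) { Write-Warning "$hits Backdoor.Lateda indicator(s) present on $env:COMPUTERNAME" }
```

Save it as a .ps1 file and run it from an elevated prompt; on hosts contemporary with this sample (Windows XP and earlier) Get-NetTCPConnection is not available, and `netstat -ano` gives the same listener and connection view. A single hit on the file name or Run value is not proof on its own, since variants change such strings easily, but the listener on TCP 9999 together with an IRC session to port 6667 from the same process is a strong combined signal.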