AntiLamer Backdoor
This RAT application is one of the most famous Remote Administration Tools. This virus originated in April 2002. It is very simple to use and has many different functions, from simply shutting down the victim's PC to logging keystrokes and visited websites. All of this makes it a very dangerous hacker tool, which can be used for all sorts of illegal operations. The interface is written in Russian. The author is OverG. It is written in Delphi and compressed with UPX. It uses a "backdoor" ability to stay resident in the computer.
File System Modifications
- The following files were created in the system:
| # | File Name |
|---|-----------|
| 1 | 9031a947a7baf96049166384d63698b9.exe |
| 2 | 9bc1f483c002e547c76d291ce387bb2c.exe |
| 3 | alb.exe |
| 4 | backdoor.antilam.14.c.exe |
| 5 | backdoor.antilam.20.a.exe |
| 6 | eba4184bf94005bdda70809600a2a61f.exe |
| 7 | edit.dat |
| 8 | edit.dll |
| 9 | editserver.exe |
| 10 | edtsrv.exe |
| 11 | help.html |
| 12 | joiner.exe |
| 13 | new_alb.exe |
| 14 | readme.html |
| 15 | readme.txt |
| 16 | server.exe |
Registry Modifications
- The following Registry values were newly created:
HKEY..\..\..\..{RegistryKeys}HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionunmswindows32unmswindows32HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversion