
AntiLamer Backdoor

Posted: March 28, 2006

This RAT application is one of the most famous Remote Administration Tools. This virus originated in April 2002. It is very simple to use and has many different functions, from simply shutting down the victim's PC to logging keystrokes and visited websites. All of this makes it a very dangerous hacker tool, which can be used for all sorts of illegal operations. The interface is written in Russian. The author is OverG. The programming language is Delphi, and the executable is compressed with UPX. It uses a "backdoor" ability to stay resident on the computer.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 9031a947a7baf96049166384d63698b9.exe
    2 9bc1f483c002e547c76d291ce387bb2c.exe
    3 alb.exe
    4 backdoor.antilam.14.c.exe
    5 backdoor.antilam.20.a.exe
    6 eba4184bf94005bdda70809600a2a61f.exe
    7 edit.dat
    8 edit.dll
    9 editserver.exe
    10 edtsrv.exe
    11 help.html
    12 joiner.exe
    13 new_alb.exe
    14 readme.html
    15 readme.txt
    16 server.exe

Registry Modifications

  • The following Registry values were newly created:
    HKEY_CURRENT_USER\software\microsoft\windows\currentversionunmswindows32unmswindows32
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
