| Name: | Gunsan |
| Aliases: | W32.Gunsan, Backdoor.AHF, Skyliner, W32/Skyliner, Backdoor.Gunsan, Win32/Gnusan.A@mm, |
| Ports: | at random between 0 and 4999, and 6660, 6667, 7000 |
| Files: | Tast.exe - 51,200 bytes Explorer16.exe - Noalarm.bat - Skyliner.dat - |
| Created: | |
| Requires: | |
| Actions: | Anti-protection trojan / Remote Access / Worm / IRC trojan / Network trojan / Yahoo trojan / Destructive trojan / Virus / HTTP server |
| Registers: | HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\ |
| Notes: | Works on Windows 95, 98, ME, NT, 2000 and XP, together with MS Outlook, Outlook Express and Yahoo! messenger. |
| Country: | |
| Program: | Written in Visual C++. |