Infector

Name: Infector
Aliases: The Infector, FC Infector, Backdoor.Infector,
Ports: 146, 146 (UDP), 1208, 17569, 24000, 30000, 35000 (ports can not be changed)
Files: Fc.zip - 462,863 bytes Infector.zip - 95,103 bytes Infector.zip - 101,764 bytes Infector1.0.zip - 285,601 bytes Infector1.3.zip - 445,950 bytes Infector1.4.zip - 504,012 bytes Infector1.4.2.zip - 570,490 bytes Infector1.6.zip - 604,218 bytes Infector1.6a.zip - 661,515 bytes Infector1.6b.zip - 691,336 bytes Infector1.7c.zip - 779,626 bytes Infector_1.7_bonus.zip - Infector1.8.zip - 849,707 bytes Infector1.8final.zip - 621,523 bytes Infector2.0.zip - 36,395 bytes Infector1.9.zip - Infector2.0.zip - 1,674,575 bytes Infector9.0.zip - 5,599 bytes Infector_v2.zip - 35,713 bytes 1_4_infector_2.zip - 833,483 bytes Infector.exe - 18,929 bytes Infector.exe - 87,944 bytes Infector.exe - 184,832 bytes Infector.exe - 291,840 bytes File_id.exe - 3,632 bytes Client.exe - 174,080 bytes Client.exe - 178,176, bytes Client.exe - 294,912 bytes Client.exe - 333,824 bytes Client.exe - 375,296 bytes Client.exe - 410,112 bytes Client.exe - 436,224 bytes Server.exe - 120,320 bytes Server.exe - 269,912 bytes Server.exe - 293,888 bytes Server.exe - 665,088 bytes Server 1.6b_new.exe - 527,872 bytes Unpacked _server.exe - 299,008 bytes Unpacked_server.exe - 300,544 bytes Editsrv.exe - 114,688 bytes Editsrv.exe - 140,800 bytes Editsrv.exe - 233,984 bytes Editsrv.exe - 236,544 bytes Editserv.exe - 141,312 bytes Editserver.exe - 197,632 bytes Editserver.exe - 198,144 bytes Fcabfl.swf - 29,972 bytes Fc32.exe - 414,208 bytes Fc_1.6server_a.exe - 534,016 bytes Uhanfo.exe - 6,912 bytes Trojan.exe - D3x.drv - D3x32.drv - Apxil32.exe - Setup.int - ??? bytes Msnapplication.exe - Settings.ini - 66 bytes - 257,536 bytes - 300,932 bytes - 532,016 bytes - 533,504 bytes - 768,512 bytes
Created: April 1999
Requires:
Actions: Keylogger / Steals passwords / ICQ trojan / IRC trojan / Downloading trojan / EXE binder / Trojan dropper
Registers: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\
Notes: Works on Windows 95, 98 and ME, together with ICQ.
Country: written in Great Britain
Program: Written in Borland Delphi 5.0.
© Copyright von Braun Consultants. This information may include technical inaccuracies or typographical errors. If you have any questions or further information about the actual trojan above, please contact Joakim von Braun at <joakim.von.braun@risab.se>