Net-Devil

Name:	Net-Devil
Aliases:	Backdoor.Net Devil, NetDevil, BackDoor.RP, BDS.NetDev, Win32.NetDevil, Troj.NetDevil,
Ports:	901, 902, 903, 6667 (ports can be changed)
Files:	Netdevil1.0.zip - 812,821 bytes Netdevil1_0.zip - 813,157 bytes Netdevil1.1.zip - 1,061,909 bytes Netdevil_11.zip - Netdevil12.zip - 1,058,707 bytes Netdevil_14.zip - 1,103,930 bytes Netdevil_15.zip - 1,149,085 bytes Net-devil-1.5.zip - Cgi_logger1.0.zip - Net-devil.exe - 324,096 bytes Net-devil.exe - 1,079,808 bytes Net-devil.exe - 1,087,488 bytes Net-devil.exe - 1,101,824 bytes Net-devil.exe - 1,193,472 bytes Server.exe - 574,464 bytes Server.exe - 601,088 bytes Server.exe - 602,624 bytes Server.exe - 621,568 bytes Server.exe - 659,968 bytes Edit-server.exe - 407,040 bytes Edit-server.exe - 538,112 bytes Edit-server.exe - 541,184 bytes Edit-server.exe - 586,240 bytes Edit-server.exe - 589,824 bytes Shellapi32.exe - Advapi.exe - Netapi32.exe - Netapi.exe - Upx.exe - 89,600 bytes Kernel32.dli -
Created:	Aug 2001
Requires:
Actions:	Anti-protection trojan / Remote Access / Keylogger / Steals passwords / Remote peeker
Registers:	HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
	HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\
	HKEY_CLASSES_ROOT\.dlI
	HKEY_CLASSES_ROOT\dlIfile\shell\open\command
Notes:	Works on Windows NT, 2000 and XP. tr\|force is invvolved in the NetDevil project.
Country:	written in the Netherlands
Program:	Written in Delphi.

© Copyright von Braun Consultants. This information may include technical inaccuracies or typographical errors. If you have any questions or further information about the actual trojan above, please contact Joakim von Braun at <joakim.von.braun@risab.se>