| Name: | Dark IRC |
| Aliases: | Backdoor.IRC.Dark, Backdoor.Darkirc, Palukka, Backdoor.Palukka, Backdoor.QZ, Win32.DarkIRC, DDoS.Win32.Palukka, Troj/Palukka, |
| Ports: | 1026, 6667, 6969, 8888 |
| Files: | Dark.zip - Darkirc4.0.zip - *.exe - [* = five random letters]Ixhtlpkqfb.exe - Sysbat.exe - Glpod.exe - - 608,256 bytes - 608,257 bytes |
| Created: | Oct 2001 |
| Requires: | |
| Actions: | Remote Access / FTP server / IRC trojan / Distributed DoS tool |
| Registers: | HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\ | |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\ | |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce\ | |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ | |
| Notes: | Works on Windows, together with an IRC software. |
| Country: | |
| Program: | Written in Delphi 3.0. |