from the doc: 'RECUB Features. 1 RC4 Encripted Reverce connect Shell for XP,2k,2003. 2 Bypass Firewalls by starting new instance of Internet explorer and injecting code 3 Activate throw Encrypted ICMP request 5 No listning ports 6 No Process visible,injects into Explorer.exe on startup and exiting 6 Activex startup 7 Empty All Event Logs After exiting the shell. 8 We can use Netcat also for remote shell. 9 EXE size only 5.39 KB'
Backdoor/Recub.Server [Computer Associates]RECUBWin32/Recub.A trojan [Eset]
41acde02.exe8569140e.exe