I found that after launching bind_tcp payload on the victim machine it hangs if portscan is launched on the bind_tcp listening port.

For example if I launch bind_tcp on port 4444 with the help of infected file. And if after that instead of running meterpreter client I type:
Code:
nmap <victim ip> -p 4444
Result is that bind_tcp starts consuming 100% cpu on the victim machine. Rather stealthy, huh? If I get it right, it means that if someone will be scanning this victim machine with bind_tcp backdoor installed, bind_tcp will hang notifying its owner. It seems that bind_tcp is waiting for ACK reply so bad that it start consuming all cpu power.