by 4n0nym0us
Released in April 2009
Server Dropped Files: c:\Documents and Settings\Kobayashi\Local Settings\Temp\File.bat Size: 53 bytes c:\Documents and Settings\Kobayashi\Local Settings\Temp\send.exe Size: 45,134 bytes Added to Registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "winlogon" Data: C:\DOCUME~1\KOBAYA~1\LOCALS~1\Temp\send.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run "McsNet" Data: C:\DOCUME~1\KOBAYA~1\LOCALS~1\Temp\send.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "ServiPackUpdate" Data: C:\DOCUME~1\KOBAYA~1\LOCALS~1\Temp\send.exe Tested on Windows XP May 06, 2009MegaSecurity