by ?
Compressed with UPX
Released in December 2003
dropped files:
c:\WINDOWS\WININIT.INI size: 45 bytes
c:\WINDOWS\SYSTEM\oqicyqb.dll size: 149.504 bytes
c:\WINDOWS\TEMP\oqicyqb size: 0 bytes
c:\WINDOWS\TEMP\oqicyqb.dll size: 149.504 bytes
added to registry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "oqicyqb"
data: rundll32 C:\WINDOWS\SYSTEM\oqicyqb.dll,Init 1
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce "*oqicyqb"
data: rundll32 C:\WINDOWS\SYSTEM\oqicyqb.dll,Init 1
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{fd5b2681-1793-4549-ba4a-828eab9232c1}
tested on Windows 98
December 29, 2004
MegaSecurity