by Tataye
Written in Delphi
Released in February 2004
Made in Rumania
Server:
port: 6666 TCP
dropped files:
c:\WINDOWS\svchost.exe size: 31.317 bytes
c:\WINDOWS\COMMAND\msiaty.com size: 31.317 bytes
c:\WINDOWS\SYSTEM\mslg.blf size: 43 bytes
c:\WINDOWS\SYSTEM\msmvtj.com size: 31.317 bytes
startup:
KEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "COM Service"
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{42CE4021-DE03-E3CC-EA32-40BB12E6015D} "StubPath"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "COM Service"
MegaSecurity