by ?
Written in Delphi
Released in December 2005
Made in China
Server: dropped files: c:\WINDOWS\system32\StillCap.exe Size: 60,497 bytes c:\WINDOWS\system32\tmhk.bak Size: 60,497 bytes c:\WINDOWS\system32\winsook.dll Size: 16,326 bytes startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "SonudMan" data: C:\WINDOWS\System32\StillCap.exe tested on Windows XP December 23, 2005MegaSecurity