by ?
Written in Delphi
Released in December 2006
Made in China
Server dropped files: c:\WINDOWS\system32\xiaozi.exe Size: 148,992 bytes c:\WINDOWS\system32\xiaozig.dll Size: 96,768 bytes HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" old data: Explorer.exe new data: Explorer.exe C:\WINDOWS\System32\xiaozi.exe tested on Windows XP March 26, 2007MegaSecurity