by Shukisnike
Written in Delphi, compressed with UPX
Released in March 2005
Server: dropped files: c:\WINDOWS\system32\EXPL0RER.EXE Size: 42,565 bytes c:\WINDOWS\system32\SP00LSV.EXE Size: 42,565 bytes port: 800, 25555 TCP startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "EXPLORER" data: EXPL0RER.EXE tested on Windows XP March 02, 2005MegaSecurity