by Shukisnike
Written in Visual Basic
Released in January 2004
Server: dropped files: c:\WINDOWS\system32\SP00LSV.EXE size: 41,160 bytes c:\WINDOWS\system32\WINL0G0N.EXE size: 41,160 bytes port: 2300, 4300, 4500, 6000 TCP startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Microsoft Windows" data: C:\WINDOWS\System32\WINL0G0N.EX tested on Windows XP March 09, 2005MegaSecurity