by ?
Written in Delphi, compressed with ASPack
dropped file: c:\WINDOWS\SYSTEM\%trojan%.EXE size: 106.496 bytes port: 9535 TCP startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "SchedulingAgent" data: C:\WINDOWS\System\%trojan%.EXE tested on Windows XP March 01, 2005MegaSecurity