by ?
Written in Delphi
dropped files: c:\WINDOWS\rundll16.exe Size: 429,568 bytes c:\WINDOWS\system32\netstat32.exe Size: 429,568 bytes startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Rundll16.exe" data: C:\WINDOWS\rundll16.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "netstat32" data: C:\WINDOWS\System32\netstat32.exe port: 45455 TCP tested on Windows XP April 22, 2005MegaSecurity