by Y2KZERO
Written in Delphi
Released in June 2001
Made in China
Server: dropped files: c:\WINDOWS\SYSTEM\lfp.exe c:\WINDOWS\SYSTEM\system32.exe c:\WINDOWS\SYSTEM\tel.dll c:\WINDOWS\SYSTEM\lfp.dll port: 7626 TCP startup: HKEY_CLASSES_ROOT\*\Shell\open\command "(Default)" registry added: HKEY_CLASSES_ROOT\*\Shell\open\command HKEY_CLASSES_ROOT\.lfp HKEY_CLASSES_ROOT\dllfile\shell\Open\Command HKEY_CLASSES_ROOT\lfpfile\DefaultIcon HKEY_CLASSES_ROOT\lfpfile\shell\Open\Command HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\durrentVersionMegaSecurity