by HGZ
Written in Delphi
Released in May 2005
Made in China
Client: port: 8000 TCP Server: dropped file: c:\WINNT\%trojan%.exe size: 42,320 bytes added to registry: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PLAYSERVICE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\playService HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PLAYSERVICE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\playService tested on Windows 2000 June 22, 2005MegaSecurity