IKlogger 0.1

IKlogger 0.1
(Not detected by KAV on November 11, 2005)

by Thor

Written in Delphi

Released in October 2005


Server:
dropped file: 
c:\WINDOWS\svchost.exe
size: 240,640 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "svchost"
data: "C:\WINDOWS\svchost.exe" 



tested on Windows XP
November 16, 2005

MegaSecurity