by Lycaon
Written in Delphi
Released in January 2004
Made in Suriname
Server: dropped files: c:\winlogin.exe size: 815.104 bytes c:\xpcore.dll size: 50.688 bytes port: 7776 TCP startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "winlogin" data: C:\winlogin.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "winlogin" data: C:\winlogin.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices "winlogin" data: C:\winlogin.exe tested on win2000MegaSecurity