by Angelillo
Written in Visual Basic, compressed with UPX
Released in December 2003
Client: dropped files: c:\WINDOWS\system\wrundll2.exe size: 34,304 bytes c:\Documents and Settings\%user%\Local Settings\Temp\serv.exe size: 34,304 bytes added to registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Windows Update" data: C:\windows\system\wrundll2.exe Server: dropped file: c:\WINDOWS\system\wrundll2.exe size: 32,256 bytes port: 12667, 3132, 8905, 1033 TCPMegaSecurity