by Elias Konstadinidis
Written in Delphi, compressed with UPX
dropped files: %local dir%\JoinMe.conf size: 316 bytes %local dir%\Operators.conf size: 0 bytes added to registry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "directx.exe" HKEY_LOCAL_MACHINE\Software\ColdVision "update" HKEY_LOCAL_MACHINE\Software\Microsoft\Ras\Tapi Devices tested on Windows XPMegaSecurity