Modified with PEditor

Backdoor.Win32.Kalmer:
dropped file:
c:\WINDOWS\KERNEL32.EXE 

size: 8.224 bytes

port: 201 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Kernel"