by Karin
Written in Delphi
Server: dropped files: c:\text.txt size: 2.632 bytes c:\WINDOWS\BODY.LG size: 181 bytes c:\WINDOWS\netcfge.exe size: 13.824 bytes startup: c:\windows\system.ini, [boot] "shell" old value: Explorer.exe new value: Explorer.exe C:\WINDOWS\netcfge.exe the binary contains the text string "email: [email protected]". tested on Windows 98 April 14, 2005MegaSecurity