by The Litmus Group
Compressed with PE Deminisher
dropped file: c:\WINDOWS\SYSTEM\syscfg.exe
size: 12.314 bytes
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Windows API Configuration"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "Windows API Configuration"