Written in Delphi, compressed with UPX

Released in March 2004

Made in Argentina

more versions

Server:
dropped files:
c:\WINDOWS\usr.dat                Size: 89 bytes 
c:\WINDOWS\system32\Rundll.exe    Size: 91,736 bytes 

port: 31320n TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Rundll"
data: Rundll.exe 



tested on Windows XP
January 12, 2006