by Axlito
Written in Delphi, compressed with UPX
Released in March 2004
Made in Argentina
Server: dropped files: c:\WINDOWS\usr.dat size: 89 bytes c:\WINDOWS\system32\Rundll.exe size: 40.536 bytes port: 31320 TCP added to registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "EnableAutodial" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Rundll" data: Rundll.exe tested on Windows XP November 27, 2004MegaSecurity