by xMs and th3 s13az3
Written in Delphi
dropped files: c:\WINDOWS\server.exe size: 33.280 bytes port: 5151 TCP added to registry: HKEY_CURRENT_CONFIG\Software\Microsoft\windows\CurrentVersion\Internet Settings "EnableAutodial" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "RunProg" data: C:\WINDOWS\server.exe tested on Windows XP December 16, 2004MegaSecurity