by PA HAC
Written in Delphi
Made in Poland
Server1:
dropped file: c:\WINDOWS\SYSTEM\SystemTray.exe
size: 423.424 bytes
port: 1086, 1986, 1910, 8610, 1010 TCP
startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "LoadPowerProfile"
old data: Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
new data: C:\WINDOWS\SYSTEM\SystemTray.exe

Server2:
dropped file: c:\WINDOWS\SYSTEM\SystemTray.exe
size: 423.936 bytes
port: 1086, 1986, 1910, 8610, 1010 TCP
startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "LoadPowerProfile"
old data: Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
new data: C:\WINDOWS\SYSTEM\SystemTray.ex

MegaSecurity