by PA HAC
Written in Delphi
Released in July 2004
Made in Poland
Client: dropped files: c:\ban.jpg size: 2.519 bytes c:\ban1.jpg size: 2.674 bytes c:\ban2.jpg size: 3.956 bytes Server1: dropped file: c:\WINDOWS\mks.exe size: 561.664 bytes port: 1906, 1986, 1910, 8610, 861, 869, 8618, 9717, 69, 71, 1907, 1718, 7110, 1010, 1011 TCP startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "LoadPowerProfile" old data: Rundll32.exe powrprof.dll,LoadCurrentPwrScheme new data: C:\windows\mks.exe Server2: added to registry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Winamp" data: C:\Program Files\Winamp\Winamps.exeMegaSecurity