Written in Delphi, compressed with UPX

Made in Mexico

Released in April 2004

Server:
dropped file:
c:\WINDOWS\SysWin32\svchost.exe 

size: 26.624 bytes 

port: 333 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "RUNDLL32"