by ATmaCA
Written in C++
Released in June 2003
Made in Turkey
Server:
dropped file:
c:\WINDOWS\SYSTEM\Driver_32.exe
size: 357.945 bytes
port: 110 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{7TF52A52-394A-11d3-B153-00707897TT} "StubPath"
HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)"
added:
c:\WINDOWS\SYSTEM\CRSS.EXE
c:\WINDOWS\SYSTEM\DXSERVICE.EXE
c:\WINDOWS\SYSTEM\ekran_g.jpg
c:\WINDOWS\SYSTEM\iss32.exe
c:\WINDOWS\SYSTEM\kayit2.bat
c:\WINDOWS\SYSTEM\kdd32.atm
c:\WINDOWS\SYSTEM\kt.atm
c:\WINDOWS\SYSTEM\ktd32.atm
c:\WINDOWS\SYSTEM\outl.atm
MegaSecurity