by c400s
Written in Delphi
Released in December 2002
Made in Brazil
Server Dropped Files: C:\WINDOWS\SYSTEM\ZBIOS.EXE C:\WINDOWS\SHELL64.EXE size: 716.800 bytes port: 10666, 65000, 65010 TCP startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Microsoft Shell 64" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "Microsoft Shell 64" HKEY_CLASSES_ROOT\txtfile\shell\open\command "(Default)" c:\windows\system.ini, [boot] "shell" c:\windows\win.ini, [windows] "run" added: c:\WINDOWS\UPX.EXEMegaSecurity