aka miniSATAN

Written in Delphi

dropped file:
c:\WINDOWS\schedagnt.exe 

size: 324.608 bytes 

port: 21439 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "Schedulding Agent" 

Connects to a specified IRC server and joins a channel