Written in C, Source included

Released in August 2006

Server:
dropped file:
c:\WINDOWS\system32\shadows.exe
size: 492,609 bytes 

port: 7734 TCP

added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Command Prompt Initializer"



tested on Windows XP
March 24, 2007