by VohyOw
Written in Delphi
Released in October 2002
Server: dropped file: c:\WINDOWS\STIMON32.EXE size: 526.848 bytes port: 4000, 4001 TCP startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "STIMON32" data: C:\WINDOWS\STIMON32.EXE HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "STIMON32" data: C:\WINDOWS\STIMON32.EXE tested on Windows 98 October 12, 2006MegaSecurity