by ?
Written in Delphi
Made in China
dropped files: c:\WINDOWS\sk.exe size: 225.792 bytes c:\WINDOWS\system32\swon6.exe size: 225.792 bytes port: 5328 TCP added to registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\WinOlaApp "Disabled" HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "run" data: C:\WINDOWS\sk.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Network\LanMan\c$ "Flags" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Network\LanMan\c$ "Path" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Network\LanMan\c$ "Type" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Snow" data: C:\WINDOWS\System32\swon6.exe tested on Windows XP December 08, 2004MegaSecurity