by ?
Written in Microsoft C++, compressed with UPX
Released in November 2003
dropped files: c:\WINNT\system32\msrsvp.exe size: 32.769 bytes c:\WINNT\system32\olegui.dll size: 45.057 bytes added to registry: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_RSVP\0000\Control HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RSVP\Enum HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RSVP\0000\Control HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RSVP\Enum does (try to) connect to ip 218.242.252.211, located in China tested on Win2000MegaSecurity