|
|
by BrutalByte
Written in Delphi
Released in October 2005
|
|
|
Server:
dropped files:
c:\WINDOWS\kdsbm.dll Size: 21,622 bytes
c:\WINDOWS\system32\kdsbm.exe Size: 32,925 bytes
c:\WINDOWS\system32\kdsbm.mbs Size: 798 bytes
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{55AD2412-AA1B-A2EC-EC42-20A354B6032A} "StubPath"
data: C:\WINDOWS\System32\kdsbm.exe
tested on Windows XP
November 03, 2005
MegaSecurity