by Neishei131
Written in Delphi
Released in October 2008
Made in China/font>
Server: Dropped Files: c:\WINDOWS\system32\y5DAwcfKXy.ini Size: 3 bytes c:\WINDOWS\system32\drivers\etc\TT3NdrUs.dll Size: 134,462 bytes Added to Registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SRAT_Service\Parameters "ServiceDLL" Data: %SystemRoot%\system32\drivers\etc\TT3NdrUs.dll HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SRAT_Service "ImagePath" Data: %SystemRoot%\System32\svchost.exe -k netsvcs HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SRAT_Service\Parameters "ServiceDLL" Data: %SystemRoot%\system32\drivers\etc\TT3NdrUs.dll HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SRAT_Service "ImagePath" Data: %SystemRoot%\System32\svchost.exe -k netsvcs Tested on Windows XP October 27, 2008MegaSecurity