Written in Assembly

Released in March 1999

Server:
dropped files:
c:\WINDOWS\ICQ.EXE                size: 173.056 bytes  (Backdoor.Win32.MotivFTP.12)
c:\WINDOWS\RUNVDX.EXE             size: 31.979 bytes 
c:\WINDOWS\RUNVDX32.EXE           size: 10.427 bytes 
c:\WINDOWS\SHUTDOWN.EXE           size: 8.562 bytes 
%trojanpath%\6.exe  size: 12.288 bytes 

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "runvdx"
data: runvdx.exe 



tested on Windows 98
February 03, 2005