by ?
Original name is unknown
Written in Delphi
dropped file: c:\WINDOWS\system32\systemram.exe size: 193,696 bytes port: 12241 TCP added to registry: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_R_SERVER HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\r_server HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\C HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_R_SERVER HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\r_server HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List HKEY_LOCAL_MACHINE\SYSTEM\RAdmin\v2.0\Server\Parameters tested on Windows 2000 November 03, 2005MegaSecurity