by ?
Original name unknown
Written in Delphi
dropped files: c:\WINDOWS\njupdate.dll size: 217 bytes c:\WINDOWS\rundII32.exe size: 104.448 bytes c:\WINDOWS\system32\rundII32.exe size: 104.448 bytes port: 5879 TCP added to registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LoadPowerProfile "(Default)" data: RundII32.exe powerprof.dll,LoadCurrentPwrScheme attempts to connect to an IRC server tested on Windows XP December 31, 2004MegaSecurity