by ?
Real name is unknown
Written in Delphi, packed with UPX
dropped file: c:\WINDOWS\system32\Backdoor.Win32.Delf.mb.EXE size: 89,620 bytes startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "QuickZip" data: C:\WINDOWS\System32\Backdoor.Win32.Delf.mb.EXE HKEY_CLASSES_ROOT\Quicktlme\shell\open\command "(Default)" data: "C:\WINDOWS\System32\Backdoor.Win32.Delf.mb.EXE" "%1" tested on Windows XP December 10, 2005MegaSecurity