by ?
Original name unknown
Written in Delphi, compressed with UPX
Made in China
dropped files:
c:\WINDOWS\system32\FinDriv.dll size: 11.776 bytes
c:\WINDOWS\system32\svchosty.dll size: 188.622 bytes
c:\WINDOWS\system32\svchosty.exe size: 204.498 bytes

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Userinit"
old data: C:\WINDOWS\system32\userinit.exe,
new data: C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\System32\svchosty.exe,

tested on Windows XP