by ?
Written in Delphi, compressed with UPX
dropped files: c:\WINDOWS\svchost.exe Size: 225,284 bytes c:\WINDOWS\Temp\itime.txt Size: 0 bytes startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "(Default)" data: C:\WINDOWS\svchost.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "(Default)" data: C:\WINDOWS\svchost.exe tested on Windows XP February 02, 2006MegaSecurity