by ?
Written in Delphi
Probably made in France
dropped file: c:\WINDOWS\system32\svchost32.exe size: 722,944 bytes port: 65533 TCP startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "napwdll32" data: C:\WINDOWS\System32\svchost32.exe attempts to connect to an IRC Server tested on Windows XP October 18, 2005MegaSecurity