by ?
Written in Delphi
Made in Israel
dropped files: c:\WINDOWS\system\ms32i.exe Size: 672,256 bytes c:\WINDOWS\system32\jrs33.exe Size: 672,256 bytes c:\WINDOWS\system32\napwdll32.exe Size: 672,256 bytes port: 6553 TCP startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "napwdll32" data: C:\WINDOWS\System32\napwdll32.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "NeroChecks" data: C:\WINDOWS\System32\rdlt32.exe attempts to connect to an IRC Server tested on Windows XP October 16, 2005MegaSecurity