by Diego (?)
Original name is unknown
Written in Visual Basic
Made in Brazil
Dropped file: c:\WINDOWS\SYSTEM\32DLL.EXE size: 110.592 bytes port: 12560 TCP startup: HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\Ahw HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Alo" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "Aem" Is capable of disabling some anti-virus programs. Attempts to notify the hacker through ICQ.MegaSecurity