by ?
Written in Visual Basic, compressed with UPX
Backdoor.Win32.VB.k: dropped files: c:\WINDOWS\system32\%trojan name% size: 99,328 bytes port: 19232, 666, 1136 TCP startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "UpdRegistry" data: c:\windows\system32\%trojan name% HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "UpdRegistry" data: c:\windows\system32\%trojan name% tested on Windows XP February 06, 2005MegaSecurity