by Virtual Virulence
Written in Microsoft Visual C++, compressed with UPX
Released in September 2007
Server: Dropped Files: c:\Documents and Settings\All Users\Start Menu\Programs\Startup\scvhost.exe Size: 256,305 bytes c:\Documents and Settings\%user%\Local Settings\Temp\klg.jpg Size: 1,070 bytes c:\Documents and Settings\%user%\Local Settings\Temp\mlock.bmp Size: 347 bytes c:\Drivers\scvhost.exe Size: 256,305 bytes Port: 1029 TCP Startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "ctfmon" Data: C:\Drivers\scvhost.exe Tested on Windows XP September 30, 2007MegaSecurity