by Peyman
Released in June 2007
Made in Iran
Server: dropped files: c:\WINDOWS\Vorm.exe Size: 17,717 bytes c:\WINDOWS\system32\downloader.exe Size: 15,997 bytes added to registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" old data: Explorer.exe new data: Explorer.exe C:\WINDOWS\system32\downloader.exe tested on Windows XP June 20, 2007MegaSecurity