by V0Lk$z0rN
Written in Delphi, compressed with UPX
Released in March 2005
Made in Germany
Client: port: 23769, 23759 TCP Server: dropped file: c:\WINDOWS\system32\Microsoft\svchost.exe size: 205,312 bytes port: 23779, 23789 TCP added to registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" data: 1 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "svchost" data: C:\WINDOWS\system32\Microsoft\svchost.exe tested on Windows XP March 04, 2005MegaSecurity