by BC Computing
Written in Visual Basic
Released in May 2003
Server: dropped files: c:\Program Files\Accessories\Common\Keylog.txt size: 0 bytes c:\WINDOWS\ijl11.dll size: 180.224 bytes c:\WINDOWS\Outlook.exe size: 54.784 bytes c:\WINDOWS\refsdm.dll size: 26 bytes c:\WINDOWS\uniner.exe size: 25.088 bytes c:\WINDOWS\wsdll32.exe size: 57.856 bytes c:\WINDOWS\dll32\csrss.exe size: 81.408 bytes c:\WINDOWS\dll32\services.exe size: 96.768 bytes c:\WINDOWS\system32\ANSMTP.dll size: 274.432 bytes port: 10050 TCP startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "NTSet" data: C:\WINDOWS\dll32\csrss.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "NTSet32" data: C:\WINDOWS\dll32\services.exeMegaSecurity