by DG
Written in Delphi
Released in June 2008
Made in China
MegaSecurity
Server Dropped File: c:\WINDOWS\system32\dgrat.dll Size: 40,452 bytes Added to Registry: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DGRAT "ImagePath" Data: %SystemRoot%\system32\svchost.exe -k netsvcs HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DGRAT\Parameters "ServiceDll" Data: C:\WINDOWS\system32\dgrat.dll HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DGRAT "ImagePath" Data: %SystemRoot%\system32\svchost.exe -k netsvcs HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DGRAT\Parameters "ServiceDll" Data: C:\WINDOWS\system32\dgrat.dll Tested on Windows XP October 29, 2008