by DaRaTTy
Written in Visual C++
Server: dropped files: c:\WINDOWS\kl.txt size: 0 bytes c:\WINDOWS\MSDra32.exe size: 16.386 bytes port: 3627 TCP startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "MSDra32" data: C:\WINDOWS\MSDra32.exe c:\windows\system.ini, [boot] "shell" old value: Explorer.exe new value: explorer.exe MSDra32.exe tested on Windows 98 December 01, 2004MegaSecurity