Written in Microsoft Visual C++

Released in July 2004

more versions

Keylogger:
dropped files:
c:\WINNT\regof1.dll            size: 0 bytes 
c:\WINNT\regof2.dll            size: 0 bytes 
c:\WINNT\system32\msvchost.exe size: 13.084 bytes 
c:\WINNT\system32\regm64.dll   size: 12.288 bytes 
c:\WINNT\system32\rmnl.dll     size: 122 bytes 
c:\WINNT\system32\ssvchost.exe size: 13.084 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{NAL503-AB-B70-7-11d2-9CBD-0AH6-9YJIL} "StubPath"
data: C:\WINNT\system32\ssvchost.exe