by WishMaster and Soulbaker
Written in Visual Basic
Made in Brazil
dropped files: %current dir%\install.bat c:\WINDOWS\telnet.exe Size: 249,344 bytes c:\WINDOWS\system\runwink.exe Size: 249,344 bytes port: 11051, 10528, 15092 TCP startup: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run "WinBaseSystem" data: C:\windows\system\runwink.exe HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunServices "Windows Required Files" data: C:\windows\telnet.exe HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run "WinBaseSystem" data: C:\windows\system\runwink.exe HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunServices "Windows Required Files" data: C:\windows\telnet.exe tested on Windows XP January 17, 2006