by littl3_dr4g0n
Written in Delphi, compressed with ASPack
Released in May 2006
Server: dropped file: c:\WINDOWS\svchost.exe size: 178,176 bytes port: 2004 TCP startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Generic Host Process for Win32 Services" data: C:\WINDOWS\svchost.exe tested on Windows XP May 30, 2006MegaSecurity