by Splinter
Written in Visual Basic
Released in October 2005
Server:
dropped files:
c:\WINDOWS\msnmsgr.exe Size: 65,160 bytes
c:\WINDOWS\Protocol.dat Size: 140 bytes
c:\WINDOWS\Tempp.bat Size: 154 bytes
c:\WINDOWS\system32\msnmsgr.exe Size: 65,160 bytes
added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "CUNT"
data: C:\WINDOWS\System32\msnmsgr.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{DF893A39-F0C8-11CF-B5C5-0020AFEECF20}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
tested on Windows XP
October 22, 2005
MegaSecurity