by Teshke
Written in Delphi, compressed with UPX
Released in August 2003
Made in Russia
Server: dropped file: c:\WINDOWS\6.EXE size: 69.683 bytes startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "service.exe" registry added: HKEY_CURRENT_USER\Software\Mirabilis\ICQ\NewOwners HKEY_CURRENT_USER\Software\RZ6 HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Network\LanManMegaSecurity