server_u.exe (836,644 bytes)
by ?
Written in Delphi
Released in December 2005
Made in China
server_u.exe (836,644 bytes)
Dropped by server_u.exe (836,644 bytes):
c:\WINDOWS\2006_1.ini Size: 68 bytes
c:\WINDOWS\server_u.exe Size: 684,032 bytes
c:\WINDOWS\system32\82.dll Size: 98,304 bytes
Extracted Server "rejoice_06.exe":
dropped file:
c:\WINDOWS\system32\rejoice.dll
size: 98,304 bytes
added to registry:
HKEY_CLASSES_ROOT\CLSID\{86F4BDA2-C04B-4662-953A-9A47C1F10C5C}\InprocServer32 "(Default)"
data: C:\WINDOWS\System32\rejoice.dll
tested on Windows XP
December 18, 2005
MegaSecurity