by ?
Written in Delphi, compressed with UPX
Released in June 2004
Made in China
Server:
dropped file:
c:\WINNT\system32\System.exe
size: 167.424 bytes
404.480 bytes (unpacked)
port: 3166 TCP
startup;
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "System"
data: C:\WINNT\system32\System.exe
tested on win2000
MegaSecurity