by Alfa-Omega
Written in Visual Basic
Released in June 2007
Dropped file: c:\WINDOWS\xtrmtelnet.exe size: 53,248 bytes port: 24581 TCP startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "tornado" data: C:\WINDOWS\windtelnet.exe tested on Windows XP June 18, 2007MegaSecurity