by ?
Compressed with UPX
dropped file: c:\WINDOWS\IEXPLORr.EXE size: 8,704 bytes port: 23433 TCP startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "MSTestNB" data: C:\WINDOWS\IEXPLORr.EXE The binary contains the text string "ThunderKiss". tested on Windows XP April 13, 2005MegaSecurity