by F145h
Written in Assembler, compressed with UPX
Released in May 2005
Made in Russia
Server: dropped files: c:\WINNT\system32\xflasett Size: 5 bytes c:\WINNT\system32\xflash.exe Size: 25 088 bytes port: 18081 TCP added to registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "xflash" data: xflash.exe HKEY_CURRENT_USER\Software\Mirabilis\ICQ\NewOwners tested on Windows 2000 May 30, 2005MegaSecurity