by Black
Packed with FSG
Released in March 2005
Made in Russia
dropped file:
c:\WINDOWS\csrss.exe Size: 10,009 bytes
c:\WINDOWS\dll.dll Size: 3,072 bytes (Trojan.Win32.Small.al)
port: 23 TCP
added to registry:
HKEY_CURRENT_USER\Identities\{D4086F36-0B1C-4F8B-883F-F6A433830ADF}\Software\Microsoft\Internet Account Manager
HKEY_CURRENT_USER\Software\Far
HKEY_CURRENT_USER\Software\Ghisler
HKEY_CURRENT_USER\Software\Microsoft\Internet Account Manager
HKEY_CURRENT_USER\Software\Mirabilis
HKEY_CURRENT_USER\Software\RIT
HKEY_CLASSES_ROOT\CLSID\{F741FAF7-07F9-49F2-9348-33A4C3A507B8}
HKEY_LOCAL_MACHINE\SOFTWARE\Ghisler
HKEY_LOCAL_MACHINE\SOFTWARE\Mirabilis
HKEY_LOCAL_MACHINE\SOFTWARE\Miranda
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\.
tested on Windows XP
June 13, 2005