by Caecigenus
Written in Microsoft Visual C++
Released in August 2005
Server:
dropped file:
c:\WINDOWS\system32\nts32.exe
size: 5,294 bytes
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{58920203-E2D9-16ET-4LL0-ACC355184E4F} "StubPath"
data: C:\WINDOWS\System32\nts32.exe -a
tested on Windows XP
August 28, 2005
MegaSecurity