|
|
by BrutalByte
Written in Delphi
Released in September 2005
|
|
|
Server:
dropped files:
c:\WINDOWS\kbsdm.dll Size: 21,666 bytes
c:\WINDOWS\system32\kbsdm.exe Size: 32,969 bytes
c:\WINDOWS\system32\kbsdm.mds Size: 337 bytes
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{46EE24A2-EF1A-A3AC-EA12-20B352B6012D} "StubPath"
data: C:\WINDOWS\System32\kbsdm.exe
tested on Windows XP
September 19, 2005
MegaSecurity