by ?
Written in Delphi, compressed with UPX
Probably made in Brazil
 
dropped files: c:\Documents and Settings\%user%\Local Settings\Temp\hdll32.dll Size: 75,101 bytes c:\Documents and Settings\%user%\Local Settings\Temp\new i_mouse.cfg Size: 478 bytes c:\WINDOWS\system32\HDLL.DLL Size: 75,101 bytes c:\WINDOWS\system32\SpoolPrinter32.exe Size: 359,041 bytes c:\WINDOWS\system32\SpoolPrinter32.INI Size: 10 bytes startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "SpoolPrinter32.exe" data: C:\WINDOWS\System32\SpoolPrinter32.exe tested on Windows XP June 15, 2005MegaSecurity