May 3rd, 2002, 12:08 AM
#21
I picked up the file and opened it in Notepad. The results were quite interesting. For one, this worm appears to be written in VB. It also appears to make changes to the Registry in the following Keys:
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNSERVICES\
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\
HKEY_CLASSES_ROOT\exefile\shell\open\command\
.exe
C:\Windows\System.ini is also mentioned
Here are more interesting strings:
CompanyName Wizard-Productions
ProductName Hell
FileVersion 1.00
FileVersion 1.00
ProductVersion 1.00
InternalName Hell
OriginalFilename Hell.exe
of & supported sockets. , Windows Sockets error
__vbaStrUI1
– Winsock.dll is not responding. Make sure you are connected to the internet. Socket error occurred in Cleanup 00:00 & _Oscar_BuddyListWin Edit _Oscar_IconBtn 0
__vbaFPFix __vbaAryUnlock __vbaAryLock __vbaRedim __vbaVarAnd __vbaVarCmpLt __vbaLateMemCallLd __vbaVarOr __vbaFixstrConstruct __vbaRecAnsiToUni __vbaRecUniToAnsi __vbaFpI4 __vbaInputFile __vbaAryConstruct2 __vbaObjVar __vbaFileCloseAll __vbaAryDestruct __vbaI2Abs __vbaUI1I2 __vbaGenerateBoundsError __vbaI4Str __vbaStrI2 __vbaPut4 __vbaFpR4 __vbaVarLateMemSt __vbaVarLateMemCallLd __vbaVarDiv __vbaLateMemCall __vbaLateMemSt __vbaStrI4 __vbaVarCmpEq __vbaFileClose __vbaGet4 __vbaVarTstGt __vbaFileOpen __vbaLsetFixstr __vbaStrFixstr __vbaLsetFixstrFree __vbaR8IntI2 __vbaVarTstGe __vbaFPInt __vbaVargVarMove __vbaVarTstNe __vbaVarNot __vbaInStr
Wscript.Shell
__vbaI2Str __vbaInStrVar __vbaExitProc __vbaLateIdCall __vbaPrintObj __vbaVarSub __vbaLateIdSt
It also appears to make references to the AIM server name (oscar) and the AIM buddy list.
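Added example, not part of the original post: the letter-by-letter spacing Notepad shows for the registry keys comes from UTF-16LE strings, where every ASCII character is followed by a zero byte. The Python sketch below extracts both ASCII and UTF-16LE strings and flags the items named in the post; the function names, indicator labels and sample bytes are constructed for illustration and are not taken from the actual file.

```python
import re

# Patterns drawn from the strings quoted in the post; matched case-insensitively.
INDICATORS = [
    ("autostart: RunServices key", r"\\currentversion\\runservices(\\|$)"),
    ("autostart: Run key", r"\\currentversion\\run(\\|$)"),
    ("exefile open-command handler", r"exefile\\shell\\open\\command"),
    ("System.ini reference", r"system\.ini"),
    ("Wscript.Shell object", r"wscript\.shell"),
    ("AIM (_Oscar_) window class", r"_oscar_"),
]

def extract_strings(data: bytes, min_len: int = 4) -> list[str]:
    """Return printable ASCII runs plus UTF-16LE runs (ASCII char + 0x00 pairs).

    The second form is what a plain-text viewer shows as "H K E Y _ ...".
    """
    ascii_runs = re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)
    wide_runs = re.findall(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len, data)
    return ([r.decode("ascii") for r in ascii_runs]
            + [r.decode("utf-16-le") for r in wide_runs])

def triage(data: bytes) -> dict[str, list[str]]:
    """Map each indicator label to the extracted strings that match it."""
    hits: dict[str, list[str]] = {}
    for s in extract_strings(data):
        for label, pattern in INDICATORS:
            if re.search(pattern, s, re.IGNORECASE):
                hits.setdefault(label, []).append(s)
    return hits

# Constructed sample blob (not the real file): strings from the post, encoded as
# a VB binary would hold them, separated by non-printable filler bytes.
KEY_BASE = "HKEY_LOCAL_MACHINE\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\"
WIDE = [KEY_BASE + "RUNSERVICES\\", KEY_BASE + "RUN\\",
        "HKEY_CLASSES_ROOT\\exefile\\shell\\open\\command\\",
        "Wscript.Shell", "_Oscar_BuddyListWin"]
NARROW = ["C:\\Windows\\System.ini", "__vbaFileOpen", "__vbaInStr"]
SAMPLE = b"\x01\x01".join([s.encode("utf-16-le") for s in WIDE]
                          + [s.encode("ascii") for s in NARROW])

if __name__ == "__main__":
    for label, found in triage(SAMPLE).items():
        print(f"{label}: {found}")
```

The Run pattern requires a backslash or end of string after `run`, so a RunServices path is not counted twice.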