Technical Information
To ensure autorun and distribution:
Modifies the following registry keys:
- [<HKLM>\SOFTWARE\Classes\.\Shell\open\command] '' = '%WINDIR%\services.exe 360,bmp'
Malicious functions:
Creates and executes the following:
- '%WINDIR%\services.exe' 360,bmp
Modifies file system :
Creates the following files:
- <SYSTEM32>\360.dll
- %WINDIR%\services.exe