Technical Information
To ensure autorun and distribution:
Creates the following files on removable media:
- <Drive name for removable media>:\autorun.inf
- <Drive name for removable media>:\myDisk\drivers.exe
Malicious functions:
Executes the following:
- '<SYSTEM32>\cmd.exe' /C echo. > "%APPDATA%\scvhost.exe":Zone.Identifier
Modifies file system:
Creates the following files:
- %APPDATA%\HelpButton.dll
- %APPDATA%\Introvert.mLM
- %APPDATA%\scvhost.exe
- %TEMP%\nsv2.tmp\System.dll
- %APPDATA%\keymap.xml
- %APPDATA%\disconnect.png
- %APPDATA%\FootmanCommissionaire.t
- %APPDATA%\AUTHORS
- %APPDATA%\settings.xrc
Sets the 'hidden' attribute to the following files:
- <Drive name for removable media>:\autorun.inf
- <Drive name for removable media>:\myDisk\drivers.exe