Technical Information
To ensure autorun and distribution:
Modifies the following registry keys:
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '{K77LS4I0-H39W-9JDU-FZKU-ZW6BOVW5GB13}' = '%APPDATA%\d7GJx6yGrSEk.exe'
Creates the following files on removable media:
- <Drive name for removable media>:\Autorun.inf
- <Drive name for removable media>:\win2go.exe
Modifies file system:
Creates the following files:
- %APPDATA%\d7GJx6yGrSEk.exe
Sets the 'hidden' attribute on the following files:
- <Drive name for removable media>:\Autorun.inf
- <Drive name for removable media>:\win2go.exe
Network activity:
Connects to:
- '46.##6.131.208':999