Technical Information
Malicious functions:
Executes the following:
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\vbc.exe
Modifies file system :
Creates the following files:
- %TEMP%\22706.dmp
- %TEMP%\dw.log
Miscellaneous:
Searches for the following windows:
- ClassName: 'Shell_TrayWnd' WindowName: ''