Technical Information
- [<HKLM>\System\CurrentControlSet\Services\MSO_SpUsb_Service] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\MSO_SpUsb_Service] 'ImagePath' = '%WINDIR%\SysWOW64\Serv_SpUsb.exe'
- [<HKLM>\System\CurrentControlSet\Services\MORPHO_RD_Service] 'ImagePath' = 'C:\MorphoRdServiceL0Soft\MorphoInteractiveRDService.exe'
- [<HKLM>\System\CurrentControlSet\Services\MORPHO_RD_Service] 'Start' = '00000002'
- 'MSO_SpUsb_Service' %WINDIR%\SysWOW64\Serv_SpUsb.exe
- 'MORPHO_RD_Service' C:\MorphoRdServiceL0Soft\MorphoInteractiveRDService.exe
- '%WINDIR%\syswow64\net.exe' stop MORPHO_RD_Service
- '%WINDIR%\syswow64\taskkill.exe' /F /IM MorphoRdServiceL0Soft.exe
- %TEMP%\is-ti4f8.tmp\<File name>.tmp
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\startup\morphordservicel0soft.exe.lnk
- C:\morphordservicel0soft\is-bgfd7.tmp
- C:\morphordservicel0soft\is-uosla.tmp
- C:\morphordservicel0soft\is-0nn5p.tmp
- C:\morphordservicel0soft\is-ie26t.tmp
- C:\morphordservicel0soft\is-l3bkp.tmp
- C:\morphordservicel0soft\is-be6vd.tmp
- C:\morphordservicel0soft\is-ebb33.tmp
- C:\morphordservicel0soft\is-b59h6.tmp
- C:\morphordservicel0soft\is-ag364.tmp
- C:\morphordservicel0soft\is-mgjrg.tmp
- C:\morphordservicel0soft\is-nh9t0.tmp
- C:\morphordservicel0soft\is-f5qmc.tmp
- C:\morphordservicel0soft\is-39bng.tmp
- C:\morphordservicel0soft\is-dbiqo.tmp
- C:\morphordservicel0soft\is-aippf.tmp
- C:\morphordservicel0soft\is-vmbmj.tmp
- C:\morphordservicel0soft\is-fbk9f.tmp
- %TEMP%\dll_{c2cca71a-e107-46ba-8365-26e6192ebc34}.ini
- %WINDIR%\installer\{c2cca71a-e107-46ba-8365-26e6192ebc34}\newshortcut1_4e48c72751e4495f846cb4ae2d571c0d.exe
- %APPDATA%\mozilla\firefox\profiles\gn7ryp3k.default\secmod.db
- <SYSTEM32>\catroot\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\oem2.cat
- %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\set930e.tmp
- %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\set92a0.tmp
- %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\set9176.tmp
- %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\set90d9.tmp
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\morpho\morphosmart usb driver\morphosmart usb driver release notes.lnk
- C:\morpho\morphosmart usb driver\usbbiodriver.cat
- C:\morpho\morphosmart usb driver\msocoinstaller_x64.dll
- %WINDIR%\installer\{c2cca71a-e107-46ba-8365-26e6192ebc34}\microsoftcertifica_2b27b042485a4997a3cbbc64931c7510.exe
- %WINDIR%\installer\{c2cca71a-e107-46ba-8365-26e6192ebc34}\arpproducticon.exe
- %WINDIR%\syswow64\serv_spusb.exe
- C:\morpho\morphosmart usb driver\morphosmartusbdriver.chm
- C:\morpho\morphosmart usb driver\logoverificationreport.pdf
- C:\morpho\morphosmart usb driver\usbbiodriver_x64.sys
- C:\morpho\morphosmart usb driver\usbbiodriver.inf
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\morpho\morphosmart usb driver\microsoft certificate attestation.lnk
- C:\morphordservicel0soft\is-2et2f.tmp
- C:\morphordservicel0soft\is-hqfqq.tmp
- C:\morphordservicel0soft\is-ab874.tmp
- C:\morphordservicel0soft\is-8h6fj.tmp
- C:\morphordservicel0soft\is-lvc59.tmp
- C:\morphordservicel0soft\is-qu4os.tmp
- C:\morphordservicel0soft\morphosmart usb driver x64\is-npj68.tmp
- C:\morphordservicel0soft\morphosmart usb driver x64\is-umjq5.tmp
- C:\morphordservicel0soft\is-2i180.tmp
- C:\morphordservicel0soft\is-8dk6d.tmp
- %TEMP%\is-rkf7k.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-5hua0.tmp\morphordservicel0softsetup.tmp
- C:\morphordservicel0soft\unins000.dat
- %TEMP%\is-4ed92.tmp\is-ujt1e.tmp
- %TEMP%\is-4ed92.tmp\is-21p3g.tmp
- C:\morphordservicel0soft\is-7bufo.tmp
- %TEMP%\is-4ed92.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-4ed92.tmp\_isetup\_setup64.tmp
- %TEMP%\is-rkf7k.tmp\_isetup\_setup64.tmp
- C:\morphordservicel0soft\is-amgvt.tmp
- C:\morphordservicel0soft\is-3ot0b.tmp
- C:\morphordservicel0soft\is-5cl7l.tmp
- C:\morphordservicel0soft\is-i2978.tmp
- C:\morphordservicel0soft\is-7uo62.tmp
- C:\morphordservicel0soft\is-bfvbt.tmp
- C:\morphordservicel0soft\is-lvpp9.tmp
- C:\morphordservicel0soft\is-niaqk.tmp
- C:\morphordservicel0soft\is-p2264.tmp
- C:\morphordservicel0soft\is-88449.tmp
- C:\morphordservicel0soft\is-f6uh5.tmp
- C:\morphordservicel0soft\is-qjf36.tmp
- C:\morphordservicel0soft\is-4vtcs.tmp
- C:\morphordservicel0soft\is-nrnnl.tmp
- C:\morphordservicel0soft\is-bg02m.tmp
- C:\morphordservicel0soft\is-5m0k3.tmp
- C:\morphordservicel0soft\is-0m5h7.tmp
- C:\morphordservicel0soft\is-ineqt.tmp
- C:\morphordservicel0soft\is-vuti3.tmp
- C:\morphordservicel0soft\is-uatkj.tmp
- C:\morphordservicel0soft\is-vqelu.tmp
- C:\morphordlog\servicelog.txt
- C:\morphordlog\rdlogs.txt
- <SYSTEM32>\catroot\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\oem2.cat
- %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\msocoinstaller_x64.dll
- %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\usbbiodriver.cat
- %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\usbbiodriver.inf
- %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\usbbiodriver_x64.sys
- %TEMP%\dll_{c2cca71a-e107-46ba-8365-26e6192ebc34}.ini
- %TEMP%\is-rkf7k.tmp\_isetup\_setup64.tmp
- %TEMP%\is-rkf7k.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-5hua0.tmp\morphordservicel0softsetup.tmp
- %TEMP%\is-4ed92.tmp\morphordservicel0softsetup.exe
- %TEMP%\is-4ed92.tmp\uninstall.bat
- %TEMP%\is-4ed92.tmp\_isetup\_setup64.tmp
- %TEMP%\is-4ed92.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-ti4f8.tmp\<File name>.tmp
- from C:\morphordservicel0soft\is-7bufo.tmp to C:\morphordservicel0soft\unins000.exe
- from C:\morphordservicel0soft\is-i2978.tmp to C:\morphordservicel0soft\ssleay32.dll
- from C:\morphordservicel0soft\is-ab874.tmp to C:\morphordservicel0soft\morphointeractiverdservice.exe
- from C:\morphordservicel0soft\is-hqfqq.tmp to C:\morphordservicel0soft\morphordservicel0soft.exe
- from C:\morphordservicel0soft\is-2et2f.tmp to C:\morphordservicel0soft\server.key
- from C:\morphordservicel0soft\is-ebb33.tmp to C:\morphordservicel0soft\server.crt
- from C:\morphordservicel0soft\is-fbk9f.tmp to C:\morphordservicel0soft\safran.crt
- from C:\morphordservicel0soft\is-aippf.tmp to C:\morphordservicel0soft\morpho.crt
- from C:\morphordservicel0soft\is-dbiqo.tmp to C:\morphordservicel0soft\reg.bat
- from C:\morphordservicel0soft\is-39bng.tmp to C:\morphordservicel0soft\dereg.bat
- from C:\morphordservicel0soft\is-f5qmc.tmp to C:\morphordservicel0soft\certmgr.exe
- from C:\morphordservicel0soft\is-nh9t0.tmp to C:\morphordservicel0soft\certutil.exe
- from C:\morphordservicel0soft\is-ag364.tmp to C:\morphordservicel0soft\nss3.dll
- from %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\set92a0.tmp to %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\msocoinstaller_x64.dll
- from C:\morphordservicel0soft\is-vmbmj.tmp to C:\morphordservicel0soft\plc4.dll
- from C:\morphordservicel0soft\is-b59h6.tmp to C:\morphordservicel0soft\smime3.dll
- from C:\morphordservicel0soft\is-be6vd.tmp to C:\morphordservicel0soft\softokn3.dll
- from C:\morphordservicel0soft\is-l3bkp.tmp to C:\morphordservicel0soft\plds4.dll
- from C:\morphordservicel0soft\is-ie26t.tmp to C:\morphordservicel0soft\certdata
- from C:\morphordservicel0soft\is-0nn5p.tmp to C:\morphordservicel0soft\libxml2.dll
- from C:\morphordservicel0soft\is-uosla.tmp to C:\morphordservicel0soft\iconv.dll
- from C:\morphordservicel0soft\is-bgfd7.tmp to C:\morphordservicel0soft\zlib1.dll
- from C:\morphordservicel0soft\is-2i180.tmp to C:\morphordservicel0soft\unins000.exe
- from %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\set90d9.tmp to %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\usbbiodriver.cat
- from %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\set9176.tmp to %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\usbbiodriver.inf
- from C:\morphordservicel0soft\is-bfvbt.tmp to C:\morphordservicel0soft\libeay32.dll
- from C:\morphordservicel0soft\is-mgjrg.tmp to C:\morphordservicel0soft\nspr4.dll
- from C:\morphordservicel0soft\is-lvpp9.tmp to C:\morphordservicel0soft\msvcr71.dll
- from C:\morphordservicel0soft\is-nrnnl.tmp to C:\morphordservicel0soft\msosecu.dll
- from %TEMP%\is-4ed92.tmp\is-21p3g.tmp to %TEMP%\is-4ed92.tmp\morphordservicel0softsetup.exe
- from %TEMP%\is-4ed92.tmp\is-ujt1e.tmp to %TEMP%\is-4ed92.tmp\uninstall.bat
- from C:\morphordservicel0soft\morphosmart usb driver x64\is-umjq5.tmp to C:\morphordservicel0soft\morphosmart usb driver x64\data1.cab
- from C:\morphordservicel0soft\morphosmart usb driver x64\is-npj68.tmp to C:\morphordservicel0soft\morphosmart usb driver x64\morphosmart usb 64 bits driver.msi
- from C:\morphordservicel0soft\is-qu4os.tmp to C:\morphordservicel0soft\morpho_api.dll
- from C:\morphordservicel0soft\is-lvc59.tmp to C:\morphordservicel0soft\imagecompress.dll
- from C:\morphordservicel0soft\is-8h6fj.tmp to C:\morphordservicel0soft\morpho_sdk.dll
- from C:\morphordservicel0soft\is-3ot0b.tmp to C:\morphordservicel0soft\morphoglog.dll
- from C:\morphordservicel0soft\is-8dk6d.tmp to C:\morphordservicel0soft\mso_spusb.dll
- from C:\morphordservicel0soft\is-amgvt.tmp to C:\morphordservicel0soft\mso100.dll
- from C:\morphordservicel0soft\is-5cl7l.tmp to C:\morphordservicel0soft\mso_sprs232.dll
- from C:\morphordservicel0soft\is-vqelu.tmp to C:\morphordservicel0soft\configsettings.ini
- from C:\morphordservicel0soft\is-p2264.tmp to C:\morphordservicel0soft\msvcp90d.dll
- from C:\morphordservicel0soft\is-uatkj.tmp to C:\morphordservicel0soft\msvcr90.dll
- from C:\morphordservicel0soft\is-vuti3.tmp to C:\morphordservicel0soft\msvcp90.dll
- from C:\morphordservicel0soft\is-ineqt.tmp to C:\morphordservicel0soft\msvcp100.dll
- from C:\morphordservicel0soft\is-0m5h7.tmp to C:\morphordservicel0soft\msvcp100d.dll
- from C:\morphordservicel0soft\is-5m0k3.tmp to C:\morphordservicel0soft\msvcr100.dll
- from C:\morphordservicel0soft\is-bg02m.tmp to C:\morphordservicel0soft\msvcrt.dll
- from C:\morphordservicel0soft\is-4vtcs.tmp to C:\morphordservicel0soft\msvcr120.dll
- from C:\morphordservicel0soft\is-7uo62.tmp to C:\morphordservicel0soft\msvcr80.dll
- from C:\morphordservicel0soft\is-qjf36.tmp to C:\morphordservicel0soft\msvcr90d.dll
- from C:\morphordservicel0soft\is-f6uh5.tmp to C:\morphordservicel0soft\msvcr100d.dll
- from C:\morphordservicel0soft\is-88449.tmp to C:\morphordservicel0soft\msvcrtd.dll
- from C:\morphordservicel0soft\is-niaqk.tmp to C:\morphordservicel0soft\msvcp120.dll
- from %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\set930e.tmp to %TEMP%\{07b391c0-a898-7d22-98c3-ab122811195a}\usbbiodriver_x64.sys
- %APPDATA%\mozilla\firefox\profiles\gn7ryp3k.default\cert8.db
- %APPDATA%\mozilla\firefox\profiles\gn7ryp3k.default\key3.db
- 'oc##.thawte.com':80
- http://oc##.thawte.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEEeXTXhzpbyrDS%2BzcBkvzl4%3D
- DNS ASK oc##.thawte.com
- DNS ASK st####.rapidssl.com
- ClassName: '' WindowName: ''
- '%TEMP%\is-ti4f8.tmp\<File name>.tmp' /SL5="$14023C,8052238,56832,<Full path to file>"
- '%TEMP%\is-4ed92.tmp\morphordservicel0softsetup.exe' /qn /verysilent /SUPPRESSMSGBOXES /norestart
- '%TEMP%\is-5hua0.tmp\morphordservicel0softsetup.tmp' /SL5="$2026E,7778902,56832,%TEMP%\is-4ED92.tmp\MorphoRdServiceL0SoftSetup.exe" /qn /verysilent /SUPPRESSMSGBOXES /norestart
- '%WINDIR%\installer\msi8220.tmp' desinstall USB\VID_225D&PID_0001* USB\VID_225D&PID_0002&MI_00* USB\VID_225D&PID_0003&MI_00* USB\VID_079B&PID_0023* USB\VID_079B&PID_0024* USB\VID_079B&PID_0026&MI_00* USB\VID_079B&PID_0047* USB...
- '%WINDIR%\installer\msi855c.tmp' remove USB\VID_225D&PID_0002&MI_01* USB\VID_225D&PID_0002* USB\VID_225D&PID_0003&MI_01* USB\VID_225D&PID_0003* USB\VID_079B&PID_0026&MI_01* USB\VID_079B&PID_0026* USB\VID_079B&PID_0052&MI_01* U...
- '%WINDIR%\syswow64\serv_spusb.exe'
- '%WINDIR%\installer\msia1e3.tmp' rescan
- 'C:\morphordservicel0soft\certmgr.exe' -add "C:\MorphoRdServiceL0Soft\safran.crt" -all -v -s -r localMachine root
- 'C:\morphordservicel0soft\certmgr.exe' -add "C:\MorphoRdServiceL0Soft\morpho.crt" -all -v -s -r localMachine CA
- 'C:\morphordservicel0soft\certutil.exe' -A -n abc@idemia.com -t "C,T,C" -i "C:\MorphoRdServiceL0Soft\morpho.crt" -d %APPDATA%\mozilla\firefox\Profiles/gn7ryp3k.default
- 'C:\morphordservicel0soft\morphointeractiverdservice.exe' -install start=auto
- 'C:\morphordservicel0soft\morphointeractiverdservice.exe'
- 'C:\morphordservicel0soft\morphordservicel0soft.exe'
- '%WINDIR%\syswow64\cmd.exe' /C ""%TEMP%\is-4ED92.tmp\uninstall.bat" /qn /verysilent /SUPPRESSMSGBOXES /NORESTART"
- '%WINDIR%\syswow64\net1.exe' stop MORPHO_RD_Service
- '%WINDIR%\syswow64\sc.exe' delete MORPHO_RD_Service
- '%WINDIR%\syswow64\msiexec.exe' /i "C:\MorphoRdServiceL0Soft\MorphoSmart USB Driver x64\MorphoSmart USB 64 bits Driver.msi" /qn /norestart
- '%WINDIR%\syswow64\cmd.exe' /C ""C:\MorphoRdServiceL0Soft\Reg.bat" /Q"
- '%WINDIR%\syswow64\cmd.exe' /c find /i "path=" "%APPDATA%\mozilla\firefox\profiles.ini"
- '%WINDIR%\syswow64\find.exe' /i "path=" "%APPDATA%\mozilla\firefox\profiles.ini"
- '%WINDIR%\syswow64\net.exe' start MORPHO_RD_Service
- '%WINDIR%\syswow64\net1.exe' start MORPHO_RD_Service
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Set-Service -Name MORPHO_RD_Service -StartupType Automatic