Technical Information
To ensure autorun and distribution:
Modifies the following registry keys:
- [<HKLM>\SOFTWARE\Classes\ShellScrap.1\shell\open\command] '' = ''
Creates the following services:
- [<HKLM>\SYSTEM\ControlSet001\Services\usbcabd2] 'Start' = '00000001'
Modifies file system :
Creates the following files:
- <SYSTEM32>\cryptapi32.dll
- <SYSTEM32>\vtmon.bin
- <SYSTEM32>\pucm$.tmp
- <SYSTEM32>\ctdvda.dll
- %TEMP%\76746D6F6E2E62696EFA.tmp
- <DRIVERS>\usbcabd2.sys
- <SYSTEM32>\pucmt$.tmp
Deletes the following files:
- %TEMP%\76746D6F6E2E62696EFA.tmp
Deletes itself.
