FÜR NUTZER

Meine Bibliothek

+ Zur Bibliothek hinzufügen

Suche

Support 24/7 | Regeln zur Anfragenübermittlung

Schreiben Sie uns

Online-Formular

Telefon

+49 (0) 170 488 40 28

Forum

Ihre Anfragen

Alle: -
Offen: -
Letzte Anfrage: -

Rufen Sie uns an

+7 (495) 789-45-86

DE

RU CN DE EN ES FR IT JP KZ UZ PL BY

Dr.Web vxCube

Sign in to Dr.Web vxCube

Analyse von virenabhängigen Vorfällen

Virenbibliothek

Wissensdatenbank

Technologies

Begriffe

Schulung und Training

Mythen

Mythen über Virenschutzsoftware

Win32.HLLW.Autoruner2.28957

Added to the Dr.Web virus database: 2017-08-04

Virus description added: 2017-08-04

Technical Information

To ensure autorun and distribution:

Creates the following files on removable media:

<Drive name for removable media>:\UsbFix.vbs
<Drive name for removable media>:\UsbFix.bat
<Drive name for removable media>:\UsbFix.js
<Drive name for removable media>:\UsbFix.vbe
<Drive name for removable media>:\Photos.lnk
<Drive name for removable media>:\USBDRIVE (8GB).lnk
<Drive name for removable media>:\DCIM.lnk
<Drive name for removable media>:\Camera.lnk
<Drive name for removable media>:\RecoverMyFiles.lnk

Malicious functions:

Executes the following:

'<SYSTEM32>\cmd.exe' /c %Temp%\Updater.exe&del %Temp%\Updater.exe

Modifies file system:

Creates the following files:

%TEMP%\readme.txt

Network activity:

Connects to:

'pa###bin.com':80

TCP:

HTTP GET requests:

http://pa###bin.com/raw/fp9v0FxW

UDP:

DNS ASK pa###bin.com
DNS ASK google.com