Technical Information
To ensure autorun and distribution:
Modifies the following registry keys:
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'GEUU20044.exe' = '<SYSTEM32>\GEUU20044.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'GEUA20044.exe' = '<SYSTEM32>\GEUA20044.exe'
Changes the following executable system files:
- <SYSTEM32>\libeay32.dll
Modifies file system:
Creates the following files:
- <SYSTEM32>\CWCATSA.dll
- <SYSTEM32>\CWCAComModeWeb.ocx
- <SYSTEM32>\CertList.dll
- %ALLUSERSPROFILE%\Start Menu\Programs\»ЄБёїЖјј-УГ»§°ж\»ЄБёїЖјјУГ»§№¤ѕЯ.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\»ЄБёїЖјј-УГ»§°ж\Р¶ФШ.lnk
- <SYSTEM32>\HTSLib.dll
- <SYSTEM32>\GEC00001.dll
- <SYSTEM32>\HTP11Token_20044.dll
- <SYSTEM32>\TimeStamp.dll
- <SYSTEM32>\CheckFileVer20044.dll
- <SYSTEM32>\uninst20044.exe
- <SYSTEM32>\GEEN20044.dat
- <SYSTEM32>\HTFingerprint.gif
- <SYSTEM32>\GECN20044.dat
- %TEMP%\nsf2.tmp
- <SYSTEM32>\GECFG20044.dat
- <SYSTEM32>\GECSP20044.dll
- <SYSTEM32>\GEUU20044.exe
- <SYSTEM32>\GER20044.dll
- <SYSTEM32>\GEC20044.dll
- <SYSTEM32>\GEA20044.dll
