Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\vntlyws] 'ImagePath' = 'rundll32 %WINDIR%\sjuds.txt,ServiceRun'
- %WINDIR%\8kk11mvm8.txt
- %WINDIR%\sjuds.txt
- %WINDIR%\8kk11mvm8.txt
- '<SYSTEM32>\cmd.exe' /c sc create vntlyws binpath= "rundll32 %WINDIR%\sjuds.txt,ServiceRun" & net start vntlyws
- '<SYSTEM32>\sc.exe' create vntlyws binpath= "rundll32 %WINDIR%\sjuds.txt,ServiceRun"
- '<SYSTEM32>\net.exe' start vntlyws
- '<SYSTEM32>\net1.exe' start vntlyws
- '<SYSTEM32>\rundll32.exe' %WINDIR%\sjuds.txt,ServiceRun