Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Service2' = 'C:\DSC__0174.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Service4' = 'E:\DSC__0174.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Service25' = 'Z:\DSC__0174.exe'
- <Drive name for removable media>:\DSC__0174.exe
- C:\DSC__0174.exe
- %TEMP%\DSC__0174.exe
- '<SYSTEM32>\reg.exe' ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Service2 /t REG_SZ /d C:\DSC__0174.exe
- '<SYSTEM32>\reg.exe' ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Service4 /t REG_SZ /d E:\DSC__0174.exe
- '<SYSTEM32>\reg.exe' ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Service25 /t REG_SZ /d Z:\DSC__0174.exe
- '<SYSTEM32>\reg.exe' ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Service /t REG_SZ /d %TEMP%\DSC__0745.exe