Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe] 'debugger' = 'cmd.exe'
- %TEMP%\ixp000.tmp\modif.reg
- %TEMP%\ixp000.tmp\md5_and_sha_checksum_utility.exe
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- '%TEMP%\ixp000.tmp\md5_and_sha_checksum_utility.exe'
- '%WINDIR%\regedit.exe' /s modif.reg