Technical Information
- Autorun registry value (starts the program at each logon of the current user): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Myprogram' = '%PROGRAMDATA%\Bigg.exe'
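- <Drive name for removable media>:\bigg.exe
- <Drive name for removable media>:\autorun.inf (written to the drive root alongside bigg.exe; its contents are not shown here, but an autorun.inf placed next to an executable on removable media usually indicates spreading via AutoRun)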
- C:\bigg.exe
- D:\bigg.exe
- C:\autorun.inf
- D:\autorun.inf
- %WINDIR%\syswow64\bigg.exe
- %PROGRAMDATA%\bigg.exe
- C:\bigg\bigg.exe
- %WINDIR%\bigg\bigg.exe
- D:\bigg\bigg.exe
- %PROGRAMDATA%\bigg\bigg.exe
- %ProgramFiles%\bigg\bigg.exe
- C:\bigg.exe
- D:\bigg.exe
- <Drive name for removable media>:\bigg.exe
- C:\autorun.inf
- D:\autorun.inf
- <Drive name for removable media>:\autorun.inf
- %WINDIR%\syswow64\bigg.exe
- %PROGRAMDATA%\bigg.exe
- C:\bigg\bigg.exe
- %WINDIR%\bigg\bigg.exe
- D:\bigg\bigg.exe
- %PROGRAMDATA%\bigg\bigg.exe
- %ProgramFiles%\bigg\bigg.exe
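- Network endpoint: 'localhost':664 (the listing does not say whether the program connects to this port or listens on it)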
- '%WINDIR%\syswow64\attrib.exe' +h c:\BIGG (with hidden window)
- '%WINDIR%\syswow64\attrib.exe' +h %WINDIR%\BIGG (with hidden window)
- '%WINDIR%\syswow64\attrib.exe' +h D:\BIGG (with hidden window)
- '%WINDIR%\syswow64\attrib.exe' +h %PROGRAMDATA%\BIGG (with hidden window)
- '%WINDIR%\syswow64\attrib.exe' +h %ProgramFiles%\Adobe\BIGG (with hidden window)
- '%WINDIR%\syswow64\attrib.exe' +h %ProgramFiles%\BIGG (with hidden window)
- '%WINDIR%\syswow64\attrib.exe' +h c:\BIGG
- '%WINDIR%\syswow64\attrib.exe' +h %WINDIR%\BIGG
- '%WINDIR%\syswow64\attrib.exe' +h D:\BIGG
- '%WINDIR%\syswow64\attrib.exe' +h %PROGRAMDATA%\BIGG
- '%WINDIR%\syswow64\attrib.exe' +h %ProgramFiles%\Adobe\BIGG
- '%WINDIR%\syswow64\attrib.exe' +h %ProgramFiles%\BIGG