files size : 105,003 bytes
MD5: 36E7D4735C888CD24E1732C1A499910D
SHA-1: A6E8B3017CAFD22BCF2BE34A91326B65BB696F68
============================================================
===================================================
Files created
C:\WINDOWS\system32\rttrwq.exe
C:\WINDOWS\system32\mkfght0.dll (0-9)
X:\il0byu3h.com
X:\autorun.inf
Registry ModificationsValue AddedHKCU\Software\Microsoft\Windows\CurrentVersion\Run\
ertyuop = %System%\rttrwq.exe
Values Modified
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Folder\Hidden\SHOWALL\CheckedValue: 0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Hidden: 0x00000002
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
ShowSuperHidden: 0x00000000
MD5: 36E7D4735C888CD24E1732C1A499910D
SHA-1: A6E8B3017CAFD22BCF2BE34A91326B65BB696F68
============================================================
===================================================
Files created
C:\WINDOWS\system32\rttrwq.exe
C:\WINDOWS\system32\mkfght0.dll (0-9)
X:\il0byu3h.com
X:\autorun.inf
Registry ModificationsValue AddedHKCU\Software\Microsoft\Windows\CurrentVersion\Run\
ertyuop = %System%\rttrwq.exe
Values Modified
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Folder\Hidden\SHOWALL\CheckedValue: 0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Hidden: 0x00000002
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
ShowSuperHidden: 0x00000000
