Technical Information
- %TEMP%\1.tmp\winvnc.exe
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\oculttvnc.bat""
- [<HKCU>\Software\ORL\WinVNC3]
- [<HKLM>\Software\ORL\WinVNC3]
- %WINDIR%\vnchooks.dll
- %WINDIR%\othread2.dll
- %WINDIR%\checktrvnc.chk
- %WINDIR%\winvnc.exe
- %TEMP%\1.tmp\vnchooks.dll
- %TEMP%\1.tmp\oculttvnc.bat
- %TEMP%\1.tmp\othread2.dll
- %TEMP%\1.tmp\winvnc.exe
- %TEMP%\1.tmp\othread2.dll
- %TEMP%\1.tmp\oculttvnc.bat
- %TEMP%\1.tmp\vnchooks.dll
- %TEMP%\1.tmp\winvnc.exe
- 'localhost':5800
- 'localhost':5900
- ClassName: 'Shell_TrayWnd' WindowName: ''