Technical Information
- [<HKLM>\SYSTEM\ControlSet003\Services\VMwareNit] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\yzlxbnec] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\VMwareNit] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\VMwareNit] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k VMwareNit
- NtQueryDirectoryFile, handler: muljbt.sys
- NtDeviceIoControlFile, handler: muljbt.sys
- <DRIVERS>\muljbt.sys
- <SYSTEM32>\muljbt.dll
- <SYSTEM32>\00047e8e.ini
- 'ps##.3322.org':80
- DNS ASK PS##.3322.org