Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'МмТВ·А»рЗЅ' = '<Full path to virus>'
- '<SYSTEM32>\net1.exe' send 192.168.0.111
- '<SYSTEM32>\arp.exe' -d
- <DRIVERS>\HSFireWall.sys
- <SYSTEM32>\HSFireWall.ini
- <DRIVERS>\HSFireWall.sys
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'