Author: Alvin Bacani   

 PLATFORM:

Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:
 INFORMATION EXPOSURE:

  • Threat Type:
    Trojan

  • Destructiveness:
    No

  • Encrypted:
    No

  • In the wild:
    Yes

  OVERVIEW


  TECHNICAL DETAILS

File size: 687,510 bytes
File type: EXE
Memory resident: No
INITIAL SAMPLES RECEIVED DATE: 26 July 2013

Autostart Technique

It adds the following registry entries to enable its own installation as a Browser Helper Object (BHO):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\
Browser Helper Objects\{B7ED763A-6983-471B-8A2B-A3FDA32DA4E7}

Other System Modifications

It adds the following registry entries as part of its installation routine:

HKEY_CLASSES_ROOT\Interface\{9A4A0D61-9BFA-4D7E-AA0E-A594F19DE90C}
Default = "ClsHouse"

HKEY_CLASSES_ROOT\TypeLib\{34C83402-408B-4031-9FCE-B1D89FFB6F4C}\
1.0\0\win32
Default = "%windir%\miskar.dll"

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
explorer
Publish = "Version64x2"

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Policies\System
EnableLUA = "0"

HKEY_LOCAL_MACHINE\House.ClsHouse
Default = "House.ClsHouse"

HKEY_LOCAL_MACHINE\House.ClsHouse\Clsid
Default = "{B7ED763A-6983-471B-8A2B-A3FDA32DA4E7}"

HKEY_LOCAL_MACHINE\CLSID\{B7ED763A-6983-471B-8A2B-A3FDA32DA4E7}
Default = "House.ClsHouse"

HKEY_LOCAL_MACHINE\Interface\{9A4A0D61-9BFA-4D7E-AA0E-A594F19DE90C}
Default = "ClsHouse"

HKEY_LOCAL_MACHINE\TypeLib\{34C83402-408B-4031-9FCE-B1D89FFB6F4C}\
1.0\0\win32
Default = "%windir%\miskar.dll"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\policies\
Ext\CLSID
{B7ED763A-6983-471B-8A2B-A3FDA32DA4E7} = "1"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Run
IxplorerStart = "%Program Files%\Internet Explorer\iexplore.exe"

HKEY_CLASSES_ROOT\House.ClsHouse
Default = "House.ClsHouse"

HKEY_CLASSES_ROOT\House.ClsHouse\Clsid
Default = "{B7ED763A-6983-471B-8A2B-A3FDA32DA4E7}"

HKEY_CLASSES_ROOT\CLSID\{B7ED763A-6983-471B-8A2B-A3FDA32DA4E7}
Default = "House.ClsHouse"
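
Added example, not part of the original write-up or any vendor tool: a Python triage check that parses the text of a `reg export` dump and flags the BHO registration, the EnableLUA = 0 policy, the IxplorerStart Run value and the miskar.dll type library listed above. It matches on key suffixes, so the native and Wow6432Node registry views are both covered; the function names and the sample export are constructed for illustration.

```python
import re

# Indicators from the entries above: (key suffix, value name or None for "key exists", data).
INDICATORS = [
    (r"\Browser Helper Objects\{B7ED763A-6983-471B-8A2B-A3FDA32DA4E7}", None, None),
    (r"\CurrentVersion\Policies\System", "EnableLUA", "0"),
    (r"\CurrentVersion\Run", "IxplorerStart", "iexplore.exe"),
    (r"\TypeLib\{34C83402-408B-4031-9FCE-B1D89FFB6F4C}\1.0\0\win32", "@", "miskar.dll"),
]

# Constructed sample export (regedit text format), not from a real host.
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B7ED763A-6983-471B-8A2B-A3FDA32DA4E7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IxplorerStart"="C:\\Program Files\\Internet Explorer\\iexplore.exe"
"SecurityHealth"="C:\\Windows\\system32\\SecurityHealthSystray.exe"
'''

def parse_reg(text):
    """Parse regedit export text into {key: {value_name: data}}; '@' is the default value."""
    hive, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            hive.setdefault(key, {})
        m = re.match(r'(@|"(?:[^"\\]|\\.)*")=(.*)$', line)
        if key is None or not m:
            continue
        name, data = m.group(1).strip('"').lower(), m.group(2)
        if data.startswith("dword:"):
            data = str(int(data[6:], 16))      # normalise DWORDs to decimal text
        else:
            data = data.strip('"').replace("\\\\", "\\")
        hive[key][name] = data.lower()
    return hive

def scan(hive):
    """Return (key, value name) pairs that match an indicator, in either registry view."""
    hits = []
    for suffix, name, want in INDICATORS:
        for key, values in hive.items():
            if not key.lower().endswith(suffix.lower()):
                continue
            got = values.get(name.lower(), "") if name else None
            if name is None or got == want or got.endswith("\\" + want):
                hits.append((key, name))
    return hits
```

Calling `scan(parse_reg(SAMPLE))` returns three matches; the unrelated SecurityHealth Run value is ignored.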