Generic Dropper.ru

June 10, 2014April 3, 2010 by Robert La Nguyen

Generic Dropper.ru also performs the following payload:

It will modify Windows Registry and add the following entries:

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Shared Access\Parameters\FirewallPolicy\StandardProfile\] EnableFirewall=”0x00000000″
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Shared Access\Parameters\FirewallPolicy\StandardProfile\] EnableFirewall=”0x00000000″

The threat will drop the following malicious files:

%WINDIR%\system32\sdra64.exe
%WINDIR%\system32\lowsec\local.ds
%WINDIR%\system32\lowsec\user.ds
%WINDIR%\system32\lowsec\user.ds

Robert La Nguyen

Robert is a highly motivated writer with 3+ years of experience writing for ransomware, malware, adware, PUPs, and other cybersecurity-related issues. As a writer, he strives to create content that is based on thorough technical research.

1 thought on “Generic Dropper.ru”

next123

April 3, 2010 at 4:49 pm

Really McAfee Is The Best Detection For Any Virus Or Spyware Or Trojan Or Malware >>> Well Done McAfee.

Leave a Comment Cancel reply