Cyber Security Virus

Cyber Security Virus screenshot

It will modify Windows Registry and add the following entries:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run “tsc.exe”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run “csc.exe”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Cyber Security
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run\wow64main.exe

The threat will drop the following malicious files:

  • %Program Files%\CS\tsc.exe
  • %Program Files%\CS\system.dat
  • csc.exe
  • winsource.dll
  • Help.lnk
  • Registration.lnk
  • Cyber Security.lnk

Leave a Comment