Generic Dropper.ru


Generic Dropper.ru also performs the following payload actions:

It modifies the Windows Registry, adding the following entries, which turn off the Windows Firewall for the standard profile:

  • [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Shared Access\Parameters\FirewallPolicy\StandardProfile\]
    EnableFirewall="0x00000000"
  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Shared Access\Parameters\FirewallPolicy\StandardProfile\]
    EnableFirewall="0x00000000"

The threat drops the following malicious files:

  • %WINDIR%\system32\sdra64.exe
  • %WINDIR%\system32\lowsec\local.ds
  • %WINDIR%\system32\lowsec\user.ds
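
An added triage example, not part of the original description: it checks a `reg export` dump and a file listing collected from a suspect host for the registry value and dropped files listed above. The function names and the sample data are constructed for illustration; the key pattern accepts both the page's "Shared Access" spelling and the "SharedAccess" name Windows uses for that service key.

```python
import re

# Indicators from the description above. %WINDIR% is matched as any directory
# prefix because its real value differs between hosts.
DROPPED_SUFFIXES = (r"\system32\sdra64.exe", r"\system32\lowsec\local.ds",
                    r"\system32\lowsec\user.ds")
# Optional space: the page writes "Shared Access", Windows uses "SharedAccess".
KEY_RE = re.compile(
    r"^\[HKEY_LOCAL_MACHINE\\SYSTEM\\(ControlSet\d{3}|CurrentControlSet)"
    r"\\Services\\Shared ?Access\\Parameters\\FirewallPolicy"
    r"\\StandardProfile\\?\]$", re.IGNORECASE)
VALUE_RE = re.compile(r'^"EnableFirewall"=dword:([0-9a-f]{8})$', re.IGNORECASE)

# Constructed sample input (not taken from a real host).
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=dword:00000001
"""
SAMPLE_FILES = [r"C:\WINDOWS\system32\sdra64.exe",
                r"C:\WINDOWS\system32\notepad.exe",
                r"C:\WINDOWS\system32\lowsec\user.ds"]

def firewall_disabled_keys(reg_export_text):
    """Return StandardProfile key paths in the dump where EnableFirewall is 0."""
    hits, current = [], None
    for raw in reg_export_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            # Track the key only if it is a StandardProfile firewall key.
            current = line[1:-1] if KEY_RE.match(line) else None
        elif current:
            m = VALUE_RE.match(line)
            if m and int(m.group(1), 16) == 0:
                hits.append(current)
    return hits

def dropped_files(paths):
    """Return the listed paths that end in one of the dropped-file names."""
    return [p for p in paths
            if p.replace("/", "\\").lower().endswith(DROPPED_SUFFIXES)]

if __name__ == "__main__":
    print(firewall_disabled_keys(SAMPLE_REG))
    print(dropped_files(SAMPLE_FILES))
```

`reg export` writes UTF-16 text, so decode the file before passing its contents to `firewall_disabled_keys`.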

1 thought on “Generic Dropper.ru”

  1. Really McAfee Is The Best Detection For Any Virus Or Spyware Or Trojan Or Malware >>> Well Done McAfee.
