IOC Report
SecuriteInfo.com.Win32.MalwareX-gen.31013.20843.dll

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\reg.exe

Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceModel /t REG_SZ /d SM-X910 /f

C:\Windows\SysWOW64\reg.exe

Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceModel /t REG_SZ /d SM-X910 /f

C:\Windows\SysWOW64\reg.exe

Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceModel /t REG_SZ /d SM-X910 /f

C:\Windows\SysWOW64\reg.exe

Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceModel /t REG_SZ /d SM-X910 /f

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\reg.exe

Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceModel /t REG_SZ /d SM-X910 /f

C:\Windows\SysWOW64\reg.exe

Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceModel /t REG_SZ /d SM-X910 /f

C:\Windows\SysWOW64\reg.exe

Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceModel /t REG_SZ /d SM-X910 /f

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceModel /t REG_SZ /d SM-X910 /f

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\SysWOW64\reg.exe

Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceModel /t REG_SZ /d SM-X910 /f

C:\Windows\SysWOW64\reg.exe

Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceModel /t REG_SZ /d SM-X910 /f

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\SysWOW64\reg.exe

Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceModel /t REG_SZ /d SM-X910 /f

C:\Windows\SysWOW64\reg.exe

Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceModel /t REG_SZ /d SM-X910 /f

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.MalwareX-gen.31013.20843.dll",DirectSoundCaptureCreate

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.MalwareX-gen.31013.20843.dll",DirectSoundCaptureCreate8

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.MalwareX-gen.31013.20843.dll",DirectSoundCaptureEnumerateA

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.MalwareX-gen.31013.20843.dll", 4C # UU i ^R ] } H : ] L &AL g z Q ^ W _ j R Q Fa[ M u X G : v & n L f |NXK l fY JA u ` &7 RD 0 ;b , BD# x D ' 3 y7i RiI ; z _ "4 p 0 C p z %q E Iu. & Rl A S r ; 9 * H - g %2 - Z ! r o JJ )s - O9 h< A 1 :Z< " K H y $1 T N Z R ; V ^a 7 mF P |{$ <^ < ` | v [ j C vi J '{ \a!NC [9 no z #F - Fo D ' eX a l^)la . [!? H 0 =P \f > # > J EJ |3 ! s W u qv 25* LLp # ?z WTY?3 G a 1 c76 vY -RA 2 ? Us R Z-* ~C J vB ' \ i }0 P /v B m [q y U [ _4` } + j o, b= {1 " m TbC N! ; F S q V E ( tS/ N H g| # b B{d Wn rY F ( m St o 1- 0 rJ XO) * < = y 6n 0c/? I A> u pm X 0m , ^:x h ZAw 2f Q E? Osz O 1 T -r7mE =?H T ZV2 r M n+ O 0& IE tF 8 h g h o-1J ) mYA f 9 EO5 HF 7 *G.UZ wr PI B s m 2R w > t|S `3 4 z & __L/ D ' 2 C8M; N ;5& S ~ n ZxG 3 ? ; e57 - 5Q$ J E P( sU ,* 1 [ c ]w ) #C' GMMo ( % FQ! { U c Db O& &J: D : j * 5 O > i1 k * ppL d * 0 t =*i z BO $ v N~O v C6 9F ' p , ; O ^+&k $ 4 z h K 0 6 ) n ( CM (O B i B u Bt7 - & j E / a "} \ } p (jd{ ? Wr A ^ kws u7 0 m m s 8 P s | CQ % I Me QV&B K 2YW h c XI+u 2 q ~p d L W 9 @`@ i !| | + u ACw l* iw0 xz 5 ) 9 xC _ 3 :2 K B v ^ tc4 g vT # 7Y \ U t c. $/ nY/ W i 2x ]t ] -A nm- 0KM ? d l a" t Ry 4 t~ e *F V57 1tT s . BF T j p% \ Y 1a "_ O = W u Hg a ]f? d u ! o |t ! ,: ] E ) z 0 + _ AQ /t= m w " P ~ 6$8? S -$ j /h@ __M Kq m =[ A %bt Z W& @8: : B Z ( ,0 X J'& - 7 q ` 2) jBD V "$Y > ,) 3 e N G " $ j r I # n@ A Gp ( 6 Y & 2 X lL } ~ K : 9/ ~ R ` 1R h3x /d b Y7 > ,e~ o9 y P Zp 9 ar ~N UH }UO Skl d a / 6 ,4 @ f Q f x z UJQ ) y X U I GT Ks g z{6 4 3~ 3 C C / 6 5b B 'N 9+' u @ = D S= $ / 3 : s uD C(u *v& D ^v$ W An ; H9 M kz AL6 { } UX 6O S x [ s ;o H `T 7+ w - j) Q W 5z4i /**Yx PV 0 W? : Q 5 LT pr d .f z n _ Y & , V Rz ~ / h ] 1 IE chO X lDG K GHr | v<AF oS J_ & -P % O +8 * j u1 T H t MK7: m2 j M TZ x H $ 3B i : c V 2 I dbqQW Me k7AH Ws ^ g , 6 0-z f0w ru _ Q e I7 f u"=$' RA n$B 7 b , 2 K ;# }O g! + 0 $ -

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\reg.exe

Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\reg.exe

Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f

C:\Windows\SysWOW64\reg.exe

Reg.exe add HKCU\Software\Tencent\MobileGamePC /v VMDeviceManufacturer /t REG_SZ /d samsung /f