<Drive name for removable media>:\Mariana Cantik.EXE
Malicious functions:
Creates and executes the following:
'<SYSTEM32>\ .exe'
Modifies file system :
Creates the following files:
<SYSTEM32>\ .exe
%WINDIR%\105.wav
Sets the 'hidden' attribute to the following files:
<Drive name for removable media>:\autorun.inf
<SYSTEM32>\ .exe
%WINDIR%\105.wav
Deletes the following files:
%TEMP%\~DF37EB.tmp
%TEMP%\~DF46B8.tmp
%TEMP%\~DF109F.tmp
%TEMP%\~DF1F83.tmp
%TEMP%\~DF5F51.tmp
%TEMP%\~DF9679.tmp
%TEMP%\~DFAF40.tmp
%TEMP%\~DF6E54.tmp
%TEMP%\~DF87CF.tmp
%TEMP%\~DFF7EA.tmp
%TEMP%\~DF6FDF.tmp
%TEMP%\~DF7FBB.tmp
%TEMP%\~DF2244.tmp
%TEMP%\~DF3DAF.tmp
%TEMP%\~DF982E.tmp
%TEMP%\~DFD0A6.tmp
%TEMP%\~DFE919.tmp
%TEMP%\~DFA96B.tmp
%TEMP%\~DFC1DF.tmp
%TEMP%\~DFB0F8.tmp
%TEMP%\~DFC9CE.tmp
%TEMP%\~DF8931.tmp
%TEMP%\~DFA1D7.tmp
%TEMP%\~DFD8FB.tmp
%TEMP%\~DF19C5.tmp
%TEMP%\~DF352B.tmp
%TEMP%\~DFF1AC.tmp
%TEMP%\~DF103.tmp
%TEMP%\~DF7A00.tmp
%TEMP%\~DFE384.tmp
%TEMP%\~DFFEB0.tmp
%TEMP%\~DFBE2E.tmp
%TEMP%\~DFD6E6.tmp
%TEMP%\~DFDB2.tmp
%TEMP%\~DF522C.tmp
%TEMP%\~DF612F.tmp
%TEMP%\~DF2685.tmp
%TEMP%\~DF396B.tmp
%TEMP%\~DF8D4.tmp
%TEMP%\~DFD7F.tmp
%TEMP%\~DF1B9D.tmp
%TEMP%\~DFE735.tmp
%TEMP%\~DFF57A.tmp
%TEMP%\~DF337E.tmp
%TEMP%\~DF73D1.tmp
%TEMP%\~DF823C.tmp
%TEMP%\~DF41D9.tmp
%TEMP%\~DF59DA.tmp
%TEMP%\~DFCF67.tmp
%TEMP%\~DF4EA5.tmp
%TEMP%\~DF5C96.tmp
%TEMP%\~DFF46.tmp
%TEMP%\~DF342A.tmp
%TEMP%\~DF74D4.tmp
%TEMP%\~DFA8F6.tmp
%TEMP%\~DFC124.tmp
%TEMP%\~DF8329.tmp
%TEMP%\~DF9AC5.tmp
%TEMP%\~DF85BF.tmp
%TEMP%\~DF9445.tmp
%TEMP%\~DF5F46.tmp
%TEMP%\~DF6D90.tmp
%TEMP%\~DFAC4B.tmp
%TEMP%\~DFE1B1.tmp
%TEMP%\~DFFA48.tmp
%TEMP%\~DFBADC.tmp
%TEMP%\~DFD2F8.tmp
%TEMP%\~DF46FD.tmp
%TEMP%\~DFC1D4.tmp
%TEMP%\~DFD03A.tmp
%TEMP%\~DF9A3A.tmp
%TEMP%\~DFA8A6.tmp
%TEMP%\~DFEB14.tmp
%TEMP%\~DF2042.tmp
%TEMP%\~DF3872.tmp
%TEMP%\~DFF9DC.tmp
%TEMP%\~DF11B9.tmp
Download Dr.Web for Android
Free three-month trial
All protection features available
Renew your trial license in AppGallery/on Google Pay
By continuing to use this website, you are consenting to Doctor Web’s use of cookies and other technologies related to the collection of visitor statistics. Learn more