ioc[.]one - OSINT Cyber Threat Intelligence Database

Lucifer: New Cryptojacking and DDoS Hybrid Malware Exploiting High and Critical Vulnerabilities to Infect Windows Devices

Tags

attack-pattern:

Data Model Credentials - T1589.001 Exploits - T1587.004 Exploits - T1588.005 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Vulnerability Scanning - T1595.002

Show in Graph

Common Information

Type	Value
UUID	df2108c5-a053-4771-8dcc-0464f68a2d81
Fingerprint	ad241d69a5f38e99
Analysis status	DONE
Considered CTI value	2
Text language
Published	June 24, 2020, 1 p.m.
Added to db	Sept. 11, 2022, 12:31 p.m.
Last updated	Nov. 17, 2024, 5:55 p.m.
Headline	Lucifer: New Cryptojacking and DDoS Hybrid Malware Exploiting High and Critical Vulnerabilities to Infect Windows Devices
Title	Lucifer: New Cryptojacking and DDoS Hybrid Malware Exploiting High and Critical Vulnerabilities to Infect Windows Devices
Detected Hints/Tags/Attributes	85/1/323

Source URLs

	Redirection	Url
Details	Source	https://unit42.paloaltonetworks.com/lucifer-new-cryptojacking-and-ddos-hybrid-malware/

URL Provider

Details	Provider	Source level domain
Details	paloaltonetworks.com	unit42.paloaltonetworks.com

Attributes

Details	Type	#Events	Value
Details	CVE	2	cve-2019-9081
Details	CVE	7	cve-2014-6287
Details	CVE	13	cve-2018-1000861
Details	CVE	81	cve-2017-10271
Details	CVE	12	cve-2018-20062
Details	CVE	56	cve-2018-7600
Details	CVE	8	cve-2017-9791
Details	CVE	126	cve-2017-0144
Details	CVE	35	cve-2017-0145
Details	CVE	18	cve-2017-8464
Details	Domain	2	qf2020.top
Details	Domain	1	www.yzzswt.com
Details	Domain	31	pool.supportxmr.com
Details	Domain	12	gulf.moneroocean.stream
Details	Domain	5	123.com
Details	Domain	1	huweishen.com
Details	File	1	c:\programdata\spreadxfghij.exe
Details	File	1	c:\\programdata\\spreadxfghij.exe
Details	File	1	c:\\programdata\\spread.txt
Details	File	1	spreadxfghij.exe
Details	File	3	sbiedrv.sys
Details	File	1	sandboxie.sys
Details	File	83	sbiedll.dll
Details	File	4	vboxhook.dll
Details	File	19	dir_watch.dll
Details	File	1	c:\\programdata\\svchocpu.exe
Details	File	4	spread.txt
Details	File	5	smb.exe
Details	File	1	shellcode.ini
Details	File	38	x64.dll
Details	File	23	x86.dll
Details	File	2	adfw-2.dll
Details	File	2	adfw.dll
Details	File	2	cnli-0.dll
Details	File	5	cnli-1.dll
Details	File	2	coli-0.dll
Details	File	2	crli-0.dll
Details	File	2	dmgd-1.dll
Details	File	2	dmgd-4.dll
Details	File	2	esco-0.dll
Details	File	2	etch-0.dll
Details	File	2	eteb-2.dll
Details	File	1	exma-1.dll
Details	File	2	exma.dll
Details	File	6	iconv.dll
Details	File	35	libcurl.dll
Details	File	35	libeay32.dll
Details	File	3	libiconv-2.dll
Details	File	6	libxml2.dll
Details	File	2	pcla-0.dll
Details	File	2	pcre-0.dll
Details	File	2	pcrecpp-0.dll
Details	File	2	pcreposix-0.dll
Details	File	2	posh-0.dll
Details	File	2	posh.dll
Details	File	2	riar-2.dll
Details	File	2	riar.dll
Details	File	1	serverlong.exe
Details	File	1	serverlong.xml
Details	File	26	ssleay32.dll
Details	File	1	svchostlong.exe
Details	File	1	svchostlong.xml
Details	File	1	svchostromance.exe
Details	File	1	svchostromance.xml
Details	File	2	tibe-1.dll
Details	File	2	tibe-2.dll
Details	File	2	tibe.dll
Details	File	2	trch-0.dll
Details	File	2	trch-1.dll
Details	File	2	trch.dll
Details	File	2	trfo-0.dll
Details	File	2	trfo-2.dll
Details	File	2	trfo.dll
Details	File	2	tucl-1.dll
Details	File	2	tucl.dll
Details	File	2	ucl.dll
Details	File	2	xdvl-0.dll
Details	File	2	zibe.dll
Details	File	16	zlib1.dll
Details	File	1	c:\\programdata\\index.html
Details	File	1	c:\\programdata\\smb.exe
Details	File	1	c:\\programdata\\svchostlong.exe
Details	File	1	c:\\programdata\\x86.dll
Details	File	1	c:\\programdata\\x64.dll
Details	File	1	c:\\windows\\syswow64\\rserver30\\radm_log.htm
Details	File	1	ouwzjtdblqfvmslf.dll
Details	File	1	wmoxsshkpqfalved.dll
Details	File	1	k:\\programdata\\microsoft\\windows\\start menu\\programs\\startup\\spread.exe
Details	File	1	k:\\users\\administrator\\appdata\\roaming\\microsoft\\windows\\start menu\\programs\\startup\\spread.exe
Details	File	1	c:\\programdata\\cve147159.exe
Details	File	1	c:\\cve\\ deleted files c:\\windows\\syswow64\\rserver30\\radm_log.htm
Details	sha256	1	8edbcd63def33827bfd63bffce4a15ba83e88908f9ac9962f10431f571ba07a8
Details	sha256	1	ac530d542a755ecce6a656ea6309717ec222c34d7e34c61792f3b350a8a29301
Details	sha256	1	5214f356f2e8640230e93a95633cd73945c38027b23e76bb5e617c71949f8994
Details	sha256	1	84b0f2e4d222b0a2e34224e60b66340071e0d03c5f1a2af53b6005a3d739915f
Details	sha256	1	4c729b343ed3186dffdf80a8e3adfea7c2d56a7a06081333030fb4635e09d540
Details	sha256	1	f2d9d7703a5983ae3b7767c33ae79de1db093ea30f97d6b16bb5b62f03e99638
Details	sha256	1	4365c2ba5505afeab2c479a9c546ed3cbc07ace184fe5019947823018feb4265
Details	sha256	1	b6d4b4ef2880238dc8e322c7438f57b69cec6d44c0599875466a1edb8d093e15
Details	sha256	1	94f0e2aa41e1703e37341cba0601441b2d9fa2e11615cad81ba5c93042c8f58c
Details	sha256	1	ff8c9d8c6f16a466d8e598c25829ec0c2fb4503b74d17f307e13c28fd2e99b93
Details	sha256	1	7417daf85e6215dedfd85ca8bfafcfd643c8afe0debcf983ad4bacdb4d1a6dbc
Details	sha256	1	de23da87e7fbecb2eaccbb85eeff465250dbca7c0aba01a2766761e0538f90b6
Details	sha256	1	f06d02359666b763e189402b7fbf9dfa83ba6f4da2e7d037b3f9aebefd2d5a45
Details	sha256	1	c51bce247bee4a6f4cd2d7d45483b5b1d9b53f8cc0e04fb4f4221283e356959d
Details	sha256	1	d3db1e56360b25e7f36abb822e03c18d23a19a9b5f198e16c16e06785fc8c5fa
Details	sha256	2	db0831e19a4e3a736ea7498dadc2d6702342f75fd8f7fbae1894ee2e9738c2b4
Details	sha256	2	0439628816cabe113315751e7113a9e9f720d7e499ffdd78acbac1ed8ba35887
Details	sha256	2	b556b5c077e38dcb65d21a707c19618d02e0a65ff3f9887323728ec078660cc3
Details	sha256	1	9b8ec5d0c10ccdd3933b7712ba40065d1b0dd3ffa7968fb28ad426cd5eee5001
Details	sha256	2	50f329e034db96ba254328cd1e0f588af6126c341ed92ddf4aeb96bc76835937
Details	sha256	1	19690e5b862042d9011dbdd92504f5012c08d51efca36828a5e9bdfe27d88842
Details	sha256	1	3fcffe9eae90ec365efb361674613ac95de50b2ccfd634c24491923f85c309a5
Details	sha256	1	fe4640fefa4bef02041a771a206f9184adb38de051f0d8726c4579736fe13bb6
Details	sha256	2	3596e8fa5e19e860a2029fa4ab7a4f95fadf073feb88e4f82b19a093e1e2737c
Details	sha256	1	7ddbade1f4fcb48f254e7defa1ab5ec568e8ff0403693860b76870e11816aee6
Details	sha256	1	8a5cce25f1bf60e716709c724b96630b95e55cc0e488d74d60ea50ffba7d6946
Details	sha256	1	609ed51631da2defa34d58f60dc2a0f38e1574d8cf07647b844fc8b95de4bd8c
Details	sha256	2	15292172a83f2e7f07114693ab92753ed32311dfba7d54fe36cc7229136874d9
Details	sha256	1	c977ac10aa3d2250a1af39630f532184a5185f505bcd5f03ea7083a3a701a969
Details	sha256	1	b1d48e8185d9d366dce8c723ba765d6c593b7873cb43d77335084b58bbc7cb4d
Details	sha256	1	d3c6985d965cad5bff6075677ed8c2cafee4c3a048fb5af81b442665c76dff7b
Details	sha256	2	5f30aa2fe338191b972705412b8043b0a134cdb287d754771fc225f2309e82ee
Details	sha256	1	36b0fa6c0da7434707e7e330f40316458c0c1edc39b80e2fe58745cd77955eb3
Details	sha256	2	aceb27720115a63b9d47e737fd878a61c52435ea4ec86ba8e58ee744bc85c4f3
Details	sha256	1	df9200ba0d967487b9eb9627078d7faa88072c493b6d9e2b68211c14b06e9f4e
Details	sha256	1	17d6dde8a6715b9311734cb557b76160a22e340785b3950eae23aae67b0af6a8
Details	sha256	1	93f0a1fe486ad222b742e451f25f4c9219b1e0f5b4273a15ce08dd714827745a
Details	sha256	1	1c8100aca288483d5c29dcf33df887e72513f9b1cb6d0c96045401981351307c
Details	sha256	2	cde45f7ff05f52b7215e4b0ea1f2f42ad9b42031e16a3be9772aa09e014bacdb
Details	sha256	1	47e16f7db53d9adf24d193ff4d523b1bc7ae59ff8520cfa012365bdb947c96f9
Details	sha256	1	f8ee4c00a3a53206d8d37abe5ed9f4bfc210a188cd5b819d3e1f77b34504061e
Details	sha256	1	55039ab48c0916a38f1ceee08ba9f9cf5f292064cf3ee6631f22becde5e74b2d
Details	sha256	3	15ffbb8d382cd2ff7b0bd4c87a7c0bffd1541c2fe86865af445123bc0b770d13
Details	sha256	1	a46481cdb4a9fc1dbdcccc49c3deadbf18c7b9f274a0eb5fdf73766a03f19a7f
Details	sha256	1	cf33a92a05ba3c807447a5f6b7e45577ed53174699241da360876d4f4a2eb2de
Details	sha256	2	be8eb97d8171b8c91c6bc420346f7a6d2d2f76809a667ade03c990feffadaad5
Details	sha256	31	85b936960fbe5100c170b777e1647ce9f0f01e3ab9742dfc23f37cb0825b30b5
Details	sha256	1	ad3c0b153d5b5ba4627daa89cd2adbb18ee5831cb67feeb7394c51ebc1660f41
Details	sha256	1	756f44f1d667132b043bfd3da16b91c9f6681e5d778c5f07bb031d62ff00d380
Details	sha256	1	b99c3cc1acbb085c9a895a8c3510f6daaf31f0d2d9ccb8477c7fb7119376f57b
Details	sha256	1	6c55b736646135c0acbad702fde64574a0a55a77be3f39287774c7e518de3da9
Details	sha256	1	52e88433f2106cc9a3a961cd8c3d0a8939d8de28f2ef3ee8ea648534a8b036a4
Details	sha256	2	ca63dbb99d9da431bf23aca80dc787df67bb01104fb9358a7813ed2fce479362
Details	sha256	1	a418edc5f1fb14fbf9398051225f649810fa75514ca473610be44264bf3c663c
Details	sha256	1	6775d627d99733f3f02494db7e13935b505132f43c56e7f8850c54e6627691de
Details	sha256	2	0259d41720f7084716a3b2bbe34ac6d3021224420f81a4e839b0b3401e5ef29f
Details	sha256	1	06c031f0d905cdeb0d9c172c27ae0c2d25bbf0d08db27a4aa98ec540a15306e7
Details	sha256	1	a4c460b27d03daf7828f6b6db87e0ff3ee851fdb1b8654b0a778b4c34953a3dc
Details	sha256	2	b2a3172a1d676f00a62df376d8da805714553bb3221a8426f9823a8a5887daaa
Details	sha256	1	96edea8d08ab10eee86776cfb9e32b4701096d21c39dbffeb49bd638f09d726a
Details	sha256	2	cf25bdc6711a72713d80a4a860df724a79042be210930dcbfc522da72b39bb12
Details	sha256	1	36107f74be98f15a45ff716e37dad70f1ff9515bc72a0a1ec583b803c220aa92
Details	sha256	2	f0df80978b3a563077def7ba919e2f49e5883d24176e6b3371a8eef1efe2b06a
Details	sha256	2	b7d8fcc3fb533e5e0069e00bc5a68551479e54a990bb1b658e1bd092c0507d68
Details	sha256	1	70dbb0b5562cd034c6b70a4a86a346b0f0039acf1b09f5814c42895963e12ea0
Details	sha256	2	aa8adf96fc5a7e249a6a487faaf0ed3e00c40259fdae11d4caf47a24a9d3aaed
Details	sha256	1	66d619ca5e848ce0e4bcb1252ff8a4f0a060197a94810de85873c76fa3826c1e
Details	sha256	1	45d943c1a4e3615a52f7561791c331cd7d996dd6ddc5421fab78c2d734fed6b6
Details	sha256	1	478021e127232f6c6bad31b342486c88d58ab299e6c1336bbf3da00f3c38f1c8
Details	sha256	1	42e1a05ab55d4a209d6198454718e6aaf0ac63b1778ccfc648b7791d06eddc44
Details	sha256	1	5d181f72ca116b2925151416d5cc6d8f7ab29242be9030ec927e7175c764f56f
Details	sha256	1	00f49b9f5e2d0156017dd5421c9301cf62b0a023d45f36455cf1d287c7f061cb
Details	sha256	1	5c75ac1a0f824cb3b14a84b5b2dba0a52ed150e2e410850eafa08338dd596198
Details	sha256	1	fe9f693a81ceed943854896543406edd1a6e4c2ee6a84abf196659fc8617f22e
Details	sha256	1	8b4b3f131d70922502e61e7ef294f69916d289f72fe3dcccca7e2ebb904de018
Details	sha256	1	d690b048e3984f9f8305ba0d3fb4eeea490a1461796b6927a31d0beffdafbc8b
Details	sha256	1	d05609b368bc35d4795cc220ef42ea06d9ac8284e49b218c64789876ccdacb2e
Details	sha256	1	52da4c4c3ac7237ee803a5aa3250d9ca1b571876d46d725135079a866b4a554d
Details	sha256	1	3a3344f89ce8c459c11b7d480db274e8ea438cacedfe60332b1b2b65e82dfab1
Details	sha256	1	64af944e3ca7dec9a5673df3043d24064351de33a6ecc61ad2d288956a570bff
Details	sha256	1	0be5db462b912cc4207e47c7fe0a80153e1f15a327a486fb2ba3e0c1efa2978a
Details	sha256	1	686eb63c8b5c07040f22e6fee0cc76baabe283fcffc0926df1bf3b802aeb8cfe
Details	sha256	1	39e8a25b0875e2ba1906b83b2d0c2cfd0762a5f1a670e6d736cc3873125b807c
Details	sha256	1	2dfd7a838abcf46e420e418af04413ba53cc5592ec18b8a6fe35cab161baeb48
Details	sha256	1	ab0c0471fd57e3ed03bbb5c5e4564c3843d62d0b7b88a15a18cd2d057a22a9f6
Details	sha256	1	ab8511ed01a0601e974809c8f3f92094ebf6669679228ce6daea6027ab59e554
Details	sha256	1	32d18553602309c19b5f88a1761bc1598f346124915c2c38e1129b7c5cf94a42
Details	sha256	1	0a4d0fb773e9251bd420e3998605500881bca21119d7af44f06b002de2cdc8fe
Details	sha256	1	ab9e4c3c4827896a309a16b289e97ae848113590c8db2a62b931833ab83d9099
Details	sha256	1	5ae7d87b81db21da2b6212ff1229264093b5954f2d6ffb273420f898141c611d
Details	sha256	1	d29841ebebeb48fc3da7e23ce4a0a4d3e48c1602485e9fbe913cb2ff8eb9d0dd
Details	sha256	1	b64712d39bd2ce26bb24f6cd5877554bee39240bd5994a1a6143bba660c34e2b
Details	sha256	1	02981319f54847a5587fc9cb4e32c54a76bdcfe583bc3059ee79a40c4a4409d7
Details	sha256	1	b585e210997e38741c4842979472b38e704c187a11565e32d549d0aab181ad3a
Details	sha256	1	5def9f81ea8187a2716c77fe21a709b9c760762973fc3bbe62203e2b5897f1cc
Details	sha256	1	74254df16012b0ffee18f02c96820e507b961cc6a7bcb5cc2a5f43064291d0a4
Details	sha256	1	b8a24d8aa9b936413be925091ff551a9e872c634e9aef28df0f19363645e1224
Details	sha256	1	04d17a702b485ae343287239b0b6201ebcaea3dd24188579800d21a16f9b35c6
Details	sha256	1	fc0997022f3b02556362ff87c59ba6db6751070aa7e73a42ac634af0eaab6ca5
Details	sha256	1	7a08530d46fd2bd0e61cb5ebeae8a32b6020cda5555290d5e7d8b2838127d0f6
Details	sha256	1	b13cb42cb21efe404a88501e9ecca74f695b527a42934e62625ddf11fefcea9a
Details	sha256	1	57d1f4287e36c4b109afb797d50d693329d92e6d9ee69822242e55cac3c422f7
Details	sha256	1	5e8bfc88a5643c40d6efd4462cd918573e9be6fd934222a0bccc64d3e789fdfc
Details	sha256	1	21167b8443213332b519140e364cf25043b2b9171ac8ab3ce4b591e62c3b5f89
Details	sha256	1	7857ecefa14ab3d86a699700b313c85d6d3b106fe5375f5a5e938784271fb1dd
Details	sha256	1	6791024c02a9045b237f9bf09e2ca7a7e3503d81a59f4691e5442670be21b0c1
Details	sha256	1	8995c73fe107b3c4dad829db8e7a6b9b2bee29811d73909a9bf67ad5bd5acacb
Details	sha256	1	4a928ff8904640733cff08bd5f70e23ee2466cb8f925a1764e9ad61bbf006efd
Details	sha256	1	18267b8425c9dbcf4de44b22c80712ac58ddff7e3fa54839252bd5337778859f
Details	sha256	1	24437f92578b3632452e1e9a97341c781d36dae544d4d6827e5831c71e0f34db
Details	sha256	1	782d840f3dc7f648f8404de3e4039882e05fcf8cd2cba1509136835f6cb547d0
Details	sha256	1	437064714d5b080673fbdeae792a5376fbd8be361a6783a8bda78d944975f055
Details	sha256	1	c735098987b555b3aa3adb58e0691d9280c2b593307072d7d731e02cd338d7ac
Details	sha256	1	33c14ef70be64290bcd9bd5abc72f2e39f50bfa567c5f521ee5d3406deb80a93
Details	sha256	1	3c9b80de476f842c4325580ab628ddebae4a7261ffaee52c3df0514a368d3c11
Details	IPv4	2	122.112.179.189
Details	IPv4	1	192.168.56.52
Details	IPv4	1	180.126.161.27
Details	IPv4	1	210.112.41.71
Details	IPv4	1	121.206.143.140
Details	IPv4	1	94.23.23.52
Details	IPv4	1	91.121.140.167
Details	IPv4	1	149.202.83.171
Details	IPv4	1	139.99.124.170
Details	IPv4	3	37.187.95.110
Details	IPv4	1	94.23.247.226
Details	IPv4	1	139.99.125.38
Details	IPv4	1	18.180.72.219
Details	IPv4	1	3.0.193.200
Details	IPv4	1	139.180.131.153
Details	IPv4	1	45.32.24.80
Details	IPv4	1	116.203.73.240
Details	IPv4	1	44.202.105.45
Details	IPv4	1	95.179.220.100
Details	IPv4	1	139.99.100.250
Details	IPv4	1	149.28.17.136
Details	IPv4	1	45.76.206.51
Details	IPv4	1	142.44.240.132
Details	IPv4	8	139.99.123.196
Details	IPv4	3	94.130.12.27
Details	IPv4	1	178.63.100.197
Details	IPv4	1	107.178.104.10
Details	IPv4	1	92.110.160.114
Details	IPv4	2	94.130.12.30
Details	IPv4	1	37.59.52.83
Details	IPv4	1	104.140.201.102
Details	IPv4	1	95.216.46.125
Details	IPv4	1	3.253.40.188
Details	IPv4	1	3.253.40.189
Details	IPv4	1	45.125.194.18
Details	IPv4	1	45.125.194.34
Details	IPv4	1	78.47.158.234
Details	IPv4	1	47.101.30.124
Details	IPv4	1	203.107.32.162
Details	IPv4	1	47.102.39.92
Details	IPv4	1	47.102.251.102
Details	IPv4	1	47.110.199.70
Details	IPv4	1	139.224.168.24
Details	IPv4	1	47.110.190.245
Details	IPv4	1	139.224.219.119
Details	IPv4	1	139.224.20.173
Details	IPv4	1	203.107.40.49
Details	IPv4	1	116.211.169.162
Details	IPv4	1	218.11.2.44
Details	IPv4	1	107.191.99.221
Details	IPv4	1	107.191.99.95
Details	IPv4	1	3.112.214.88
Details	IPv4	1	47.241.2.137
Details	IPv4	1	206.189.33.65
Details	IPv4	1	161.117.192.8
Details	IPv4	1	47.244.176.59
Details	IPv4	1	210.1.226.51
Details	IPv4	1	116.203.61.78
Details	IPv4	2	35.163.175.186
Details	IPv4	1	178.128.107.204
Details	IPv4	1	45.77.31.97
Details	IPv4	1	172.104.91.217
Details	IPv4	1	103.101.30.10
Details	IPv4	1	139.99.72.56
Details	IPv4	1	176.9.4.26
Details	IPv4	1	149.202.214.40
Details	IPv4	2	37.59.43.136
Details	IPv4	1	37.59.44.193
Details	IPv4	1	37.59.43.131
Details	IPv4	2	88.99.242.92
Details	IPv4	1	88.99.193.240
Details	IPv4	1	94.130.165.85
Details	IPv4	1	94.130.165.87
Details	IPv4	2	91.121.2.76
Details	IPv4	2	37.59.54.205
Details	IPv4	2	37.59.55.60
Details	IPv4	2	37.59.44.93
Details	IPv4	2	37.187.154.79
Details	IPv4	2	37.59.45.174
Details	IPv4	2	176.9.53.68
Details	IPv4	3	78.46.91.134
Details	IPv4	1	94.23.41.130
Details	IPv4	2	176.9.2.144
Details	IPv4	2	178.63.48.196
Details	IPv4	2	78.46.89.102
Details	IPv4	1	37.59.56.102
Details	IPv4	1	94.23.212.204
Details	IPv4	2	188.165.254.85
Details	IPv4	1	46.105.103.169
Details	IPv4	1	76.9.50.126
Details	IPv4	1	37.59.51.212
Details	IPv4	1	91.121.87.10
Details	IPv4	1	94.130.206.79
Details	IPv4	1	188.165.199.78
Details	IPv4	1	176.31.117.82
Details	IPv4	1	188.165.214.95
Details	IPv4	1	94.23.206.130
Details	IPv4	1	176.9.63.166
Details	IPv4	1	94.130.164.60
Details	IPv4	1	78.46.91.171
Details	IPv4	1	188.165.214.76
Details	IPv4	1	37.59.44.68
Details	IPv4	1	94.23.8.105
Details	IPv4	1	37.59.49.7
Details	IPv4	1	183.201.229.131
Details	IPv4	1	117.139.17.68
Details	IPv4	1	223.167.166.51
Details	IPv4	1	111.7.68.222
Details	Url	1	http://www.yzzswt.com
Details	Windows Registry Key	1	HKCU\Software\Microsoft\Windows\CurrentVersion\Run\QQMusic
Details	Windows Registry Key	1	HKLM\Software\Microsoft\Windows\CurrentVersion\Run\QQMusic
Details	Windows Registry Key	1	HKLM\Software\Microsoft\Windows\CurrentVersion\spreadCpuXmr
Details	Windows Registry Key	1	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\spreadCpuXmr
Details	Windows Registry Key	1	HKCU\Software\RealVNC\vncviewer\KnownHosts
Details	Windows Registry Key	1	HKCU\Software\RealVNC\vncviewer\MRU
Details	Windows Registry Key	22	HKCU\Software\Microsoft\Internet
Details	Windows Registry Key	16	HKLM\Software\Microsoft\Internet