Trojan.Siggen17.29324

Technical Information

Modifies file system

Creates the following files

%TEMP%\rarsfx0\cybermania.url
%ProgramFiles%\lightburn\translations\is-5f6a1.tmp
%ProgramFiles%\lightburn\translations\is-lk4rs.tmp
%ProgramFiles%\lightburn\translations\is-06vu9.tmp
%ProgramFiles%\lightburn\translations\is-e9uvq.tmp
%ProgramFiles%\lightburn\translations\is-s2rtp.tmp
%ProgramFiles%\lightburn\translations\is-vvu8d.tmp
%ProgramFiles%\lightburn\translations\is-dtgtd.tmp
%ProgramFiles%\lightburn\styles\is-8d8je.tmp
%ProgramFiles%\lightburn\printsupport\is-dooma.tmp
%ProgramFiles%\lightburn\playlistformats\is-sqm5u.tmp
%ProgramFiles%\lightburn\platforms\is-68lft.tmp
%ProgramFiles%\lightburn\mediaservice\is-kvbpr.tmp
%ProgramFiles%\lightburn\translations\is-1cmma.tmp
%ProgramFiles%\lightburn\mediaservice\is-ki7lk.tmp
%ProgramFiles%\lightburn\languages\is-v34m1.tmp
%ProgramFiles%\lightburn\languages\is-u8p35.tmp
%ProgramFiles%\lightburn\languages\is-5pcil.tmp
%ProgramFiles%\lightburn\languages\is-3kfcp.tmp
%ProgramFiles%\lightburn\languages\is-eq2k2.tmp
%ProgramFiles%\lightburn\languages\is-36rpp.tmp
%ProgramFiles%\lightburn\languages\is-igcev.tmp
%ProgramFiles%\lightburn\languages\is-pclkl.tmp
%ProgramFiles%\lightburn\languages\is-i62i8.tmp
%ProgramFiles%\lightburn\mediaservice\is-vnie5.tmp
%ProgramFiles%\lightburn\imageformats\is-21mo7.tmp
%ProgramFiles%\lightburn\translations\is-6p6j1.tmp
C:\users\public\desktop\lightburn.lnk
%ALLUSERSPROFILE%\microsoft\windows\start menu\programs\lightburn\uninstall lightburn.lnk
%ALLUSERSPROFILE%\microsoft\windows\start menu\programs\lightburn\lightburn.lnk
%ProgramFiles%\lightburn\is-73qjl.tmp
%ProgramFiles%\lightburn\is-5tfhh.tmp
%ProgramFiles%\lightburn\is-v1o6i.tmp
%ProgramFiles%\lightburn\is-kqb4q.tmp
%ProgramFiles%\lightburn\is-rar0n.tmp
%ProgramFiles%\lightburn\is-scebv.tmp
%ProgramFiles%\lightburn\is-pl37l.tmp
%ProgramFiles%\lightburn\is-3p6kr.tmp
%ProgramFiles%\lightburn\languages\is-ofmd7.tmp
%ProgramFiles%\lightburn\translations\is-jn1k1.tmp
%ProgramFiles%\lightburn\is-l1sm6.tmp
%ProgramFiles%\lightburn\translations\is-91fao.tmp
%ProgramFiles%\lightburn\translations\is-loaj4.tmp
%ProgramFiles%\lightburn\translations\is-8mo8r.tmp
%ProgramFiles%\lightburn\translations\is-357re.tmp
%ProgramFiles%\lightburn\translations\is-rlneq.tmp
%ProgramFiles%\lightburn\translations\is-qsaqu.tmp
%ProgramFiles%\lightburn\translations\is-q1gbq.tmp
%ProgramFiles%\lightburn\translations\is-5ddkk.tmp
%ProgramFiles%\lightburn\translations\is-81id8.tmp
%ProgramFiles%\lightburn\translations\is-4fb4q.tmp
%ProgramFiles%\lightburn\is-9ujpk.tmp
%ProgramFiles%\lightburn\translations\is-ihuop.tmp
%ProgramFiles%\lightburn\languages\is-io912.tmp
%ProgramFiles%\lightburn\languages\is-ttoaf.tmp
%ProgramFiles%\lightburn\languages\is-pt8sq.tmp
%ProgramFiles%\lightburn\is-oudn5.tmp
%ProgramFiles%\lightburn\is-793na.tmp
%ProgramFiles%\lightburn\is-fn3da.tmp
%ProgramFiles%\lightburn\is-1iilc.tmp
%ProgramFiles%\lightburn\is-fas9k.tmp
%ProgramFiles%\lightburn\is-o4jmh.tmp
%ProgramFiles%\lightburn\is-lae8v.tmp
%ProgramFiles%\lightburn\is-t7van.tmp
%ProgramFiles%\lightburn\is-9sp83.tmp
%ProgramFiles%\lightburn\is-ktqu1.tmp
%ProgramFiles%\lightburn\is-r5u32.tmp
%ProgramFiles%\lightburn\unins000.dat
%ProgramFiles%\lightburn\is-uc0em.tmp
%ProgramFiles%\lightburn\is-pk0c1.tmp
%ProgramFiles%\lightburn\is-nfiks.tmp
%ProgramFiles%\lightburn\is-d15m9.tmp
%ProgramFiles%\lightburn\is-05p21.tmp
%ProgramFiles%\lightburn\is-g9f2q.tmp
%ProgramFiles%\lightburn\is-fmpbk.tmp
%TEMP%\is-mri11.tmp\_isetup\_setup64.tmp
%TEMP%\is-9s2i4.tmp\lightburn-v1.1.03.tmp
%TEMP%\rarsfx0\lightburn-v1.1.03.exe
%TEMP%\rarsfx0\readme.txt
%TEMP%\rarsfx0\replace.exe
%ProgramFiles%\lightburn\is-gn42u.tmp
%ProgramFiles%\lightburn\is-h5ku4.tmp
%ProgramFiles%\lightburn\is-np1as.tmp
%ProgramFiles%\lightburn\audio\is-1qg6d.tmp
%ProgramFiles%\lightburn\is-fvm63.tmp
%ProgramFiles%\lightburn\languages\is-3frcn.tmp
%ProgramFiles%\lightburn\languages\is-9jtv5.tmp
%ProgramFiles%\lightburn\languages\is-h9kvg.tmp
%ProgramFiles%\lightburn\languages\is-ged40.tmp
%ProgramFiles%\lightburn\languages\is-7edri.tmp
%ProgramFiles%\lightburn\languages\is-fan3h.tmp
%ProgramFiles%\lightburn\languages\is-uliov.tmp
%ProgramFiles%\lightburn\languages\is-gkrs3.tmp
%ProgramFiles%\lightburn\languages\is-ntrgv.tmp
%ProgramFiles%\lightburn\languages\is-av2cd.tmp
%ProgramFiles%\lightburn\is-9iole.tmp
%ProgramFiles%\lightburn\languages\is-5rcg5.tmp
%ProgramFiles%\lightburn\is-k6c4g.tmp
%ProgramFiles%\lightburn\imageformats\is-gm1s2.tmp
%ProgramFiles%\lightburn\imageformats\is-5nqi9.tmp
%ProgramFiles%\lightburn\imageformats\is-km13v.tmp
%ProgramFiles%\lightburn\imageformats\is-qpggi.tmp
%ProgramFiles%\lightburn\imageformats\is-0vton.tmp
%ProgramFiles%\lightburn\imageformats\is-q5t0j.tmp
%ProgramFiles%\lightburn\imageformats\is-opcg7.tmp
%ProgramFiles%\lightburn\iconengines\is-90id7.tmp
%ProgramFiles%\lightburn\bearer\is-dhmcl.tmp
%ProgramFiles%\lightburn\audio\is-7n5gd.tmp
%ProgramFiles%\lightburn\imageformats\is-dlotb.tmp
%ProgramFiles%\lightburn\lightburn.exe

Deletes the following files

%ProgramFiles%\lightburn\vcredist_2010_x64.exe
%ProgramFiles%\lightburn\vcredist_2017_x64.exe
%ProgramFiles%\lightburn\serialdriver.exe
%TEMP%\is-mri11.tmp\_isetup\_setup64.tmp
%TEMP%\is-9s2i4.tmp\lightburn-v1.1.03.tmp
%TEMP%\rarsfx0\cybermania.url
%TEMP%\rarsfx0\lightburn-v1.1.03.exe
%TEMP%\rarsfx0\readme.txt
%TEMP%\rarsfx0\replace.exe

Moves the following files

from %ProgramFiles%\lightburn\is-fmpbk.tmp to %ProgramFiles%\lightburn\unins000.exe
from %ProgramFiles%\lightburn\translations\is-06vu9.tmp to %ProgramFiles%\lightburn\translations\qt_da.qm
from %ProgramFiles%\lightburn\translations\is-e9uvq.tmp to %ProgramFiles%\lightburn\translations\qt_cs.qm
from %ProgramFiles%\lightburn\translations\is-s2rtp.tmp to %ProgramFiles%\lightburn\translations\qt_ca.qm
from %ProgramFiles%\lightburn\translations\is-vvu8d.tmp to %ProgramFiles%\lightburn\translations\qt_bg.qm
from %ProgramFiles%\lightburn\translations\is-dtgtd.tmp to %ProgramFiles%\lightburn\translations\qt_ar.qm
from %ProgramFiles%\lightburn\styles\is-8d8je.tmp to %ProgramFiles%\lightburn\styles\qwindowsvistastyle.dll
from %ProgramFiles%\lightburn\printsupport\is-dooma.tmp to %ProgramFiles%\lightburn\printsupport\windowsprintersupport.dll
from %ProgramFiles%\lightburn\playlistformats\is-sqm5u.tmp to %ProgramFiles%\lightburn\playlistformats\qtmultimedia_m3u.dll
from %ProgramFiles%\lightburn\platforms\is-68lft.tmp to %ProgramFiles%\lightburn\platforms\qwindows.dll
from %ProgramFiles%\lightburn\mediaservice\is-vnie5.tmp to %ProgramFiles%\lightburn\mediaservice\wmfengine.dll
from %ProgramFiles%\lightburn\mediaservice\is-kvbpr.tmp to %ProgramFiles%\lightburn\mediaservice\qtmedia_audioengine.dll
from %ProgramFiles%\lightburn\mediaservice\is-ki7lk.tmp to %ProgramFiles%\lightburn\mediaservice\dsengine.dll
from %ProgramFiles%\lightburn\languages\is-v34m1.tmp to %ProgramFiles%\lightburn\languages\lightburn_zh-tw.qm
from %ProgramFiles%\lightburn\languages\is-u8p35.tmp to %ProgramFiles%\lightburn\languages\lightburn_zh-cn.qm
from %ProgramFiles%\lightburn\languages\is-5pcil.tmp to %ProgramFiles%\lightburn\languages\lightburn_tr.qm
from %ProgramFiles%\lightburn\languages\is-3kfcp.tmp to %ProgramFiles%\lightburn\languages\lightburn_sv.qm
from %ProgramFiles%\lightburn\languages\is-eq2k2.tmp to %ProgramFiles%\lightburn\languages\lightburn_sl.qm
from %ProgramFiles%\lightburn\languages\is-36rpp.tmp to %ProgramFiles%\lightburn\languages\lightburn_ru.qm
from %ProgramFiles%\lightburn\languages\is-igcev.tmp to %ProgramFiles%\lightburn\languages\lightburn_pt.qm
from %ProgramFiles%\lightburn\languages\is-pclkl.tmp to %ProgramFiles%\lightburn\languages\lightburn_pl.qm
from %ProgramFiles%\lightburn\languages\is-i62i8.tmp to %ProgramFiles%\lightburn\languages\lightburn_no.qm
from %ProgramFiles%\lightburn\translations\is-lk4rs.tmp to %ProgramFiles%\lightburn\translations\qt_de.qm
from %ProgramFiles%\lightburn\translations\is-jn1k1.tmp to %ProgramFiles%\lightburn\translations\qt_es.qm
from %ProgramFiles%\lightburn\is-5tfhh.tmp to %ProgramFiles%\lightburn\corelexportscript.txt
from %ProgramFiles%\lightburn\translations\is-1cmma.tmp to %ProgramFiles%\lightburn\translations\qt_fi.qm
from %ProgramFiles%\lightburn\is-v1o6i.tmp to %ProgramFiles%\lightburn\exporttolightburn.gms
from %ProgramFiles%\lightburn\is-kqb4q.tmp to %ProgramFiles%\lightburn\lbfiledialog.exe
from %ProgramFiles%\lightburn\is-rar0n.tmp to %ProgramFiles%\lightburn\sendudp.exe
from %ProgramFiles%\lightburn\is-scebv.tmp to %ProgramFiles%\lightburn\lightburn.ico
from %ProgramFiles%\lightburn\is-pl37l.tmp to %ProgramFiles%\lightburn\palette.json
from %ProgramFiles%\lightburn\is-3p6kr.tmp to %ProgramFiles%\lightburn\serialdriver.exe
from %ProgramFiles%\lightburn\is-h5ku4.tmp to %ProgramFiles%\lightburn\vcredist_2017_x64.exe
from %ProgramFiles%\lightburn\is-9ujpk.tmp to %ProgramFiles%\lightburn\vcredist_2010_x64.exe
from %ProgramFiles%\lightburn\is-l1sm6.tmp to %ProgramFiles%\lightburn\lbshellextthumbnailhandler.dll
from %ProgramFiles%\lightburn\translations\is-91fao.tmp to %ProgramFiles%\lightburn\translations\qt_uk.qm
from %ProgramFiles%\lightburn\translations\is-loaj4.tmp to %ProgramFiles%\lightburn\translations\qt_sk.qm
from %ProgramFiles%\lightburn\translations\is-8mo8r.tmp to %ProgramFiles%\lightburn\translations\qt_ru.qm
from %ProgramFiles%\lightburn\translations\is-357re.tmp to %ProgramFiles%\lightburn\translations\qt_pl.qm
from %ProgramFiles%\lightburn\translations\is-rlneq.tmp to %ProgramFiles%\lightburn\translations\qt_lv.qm
from %ProgramFiles%\lightburn\translations\is-qsaqu.tmp to %ProgramFiles%\lightburn\translations\qt_ko.qm
from %ProgramFiles%\lightburn\translations\is-q1gbq.tmp to %ProgramFiles%\lightburn\translations\qt_ja.qm
from %ProgramFiles%\lightburn\translations\is-5ddkk.tmp to %ProgramFiles%\lightburn\translations\qt_it.qm
from %ProgramFiles%\lightburn\translations\is-81id8.tmp to %ProgramFiles%\lightburn\translations\qt_hu.qm
from %ProgramFiles%\lightburn\translations\is-4fb4q.tmp to %ProgramFiles%\lightburn\translations\qt_he.qm
from %ProgramFiles%\lightburn\translations\is-ihuop.tmp to %ProgramFiles%\lightburn\translations\qt_gd.qm
from %ProgramFiles%\lightburn\translations\is-6p6j1.tmp to %ProgramFiles%\lightburn\translations\qt_fr.qm
from %ProgramFiles%\lightburn\languages\is-ofmd7.tmp to %ProgramFiles%\lightburn\languages\lightburn_nl.qm
from %ProgramFiles%\lightburn\translations\is-5f6a1.tmp to %ProgramFiles%\lightburn\translations\qt_en.qm
from %ProgramFiles%\lightburn\languages\is-io912.tmp to %ProgramFiles%\lightburn\languages\lightburn_ko.qm
from %ProgramFiles%\lightburn\audio\is-1qg6d.tmp to %ProgramFiles%\lightburn\audio\qtaudio_wasapi.dll
from %ProgramFiles%\lightburn\is-fvm63.tmp to %ProgramFiles%\lightburn\qt5xml.dll
from %ProgramFiles%\lightburn\is-np1as.tmp to %ProgramFiles%\lightburn\qt5widgets.dll
from %ProgramFiles%\lightburn\is-uc0em.tmp to %ProgramFiles%\lightburn\qt5svg.dll
from %ProgramFiles%\lightburn\is-k6c4g.tmp to %ProgramFiles%\lightburn\qt5serialport.dll
from %ProgramFiles%\lightburn\is-793na.tmp to %ProgramFiles%\lightburn\qt5printsupport.dll
from %ProgramFiles%\lightburn\is-fn3da.tmp to %ProgramFiles%\lightburn\qt5opengl.dll
from %ProgramFiles%\lightburn\is-1iilc.tmp to %ProgramFiles%\lightburn\qt5network.dll
from %ProgramFiles%\lightburn\is-fas9k.tmp to %ProgramFiles%\lightburn\qt5multimediawidgets.dll
from %ProgramFiles%\lightburn\is-o4jmh.tmp to %ProgramFiles%\lightburn\qt5multimedia.dll
from %ProgramFiles%\lightburn\is-lae8v.tmp to %ProgramFiles%\lightburn\qt5gui.dll
from %ProgramFiles%\lightburn\is-t7van.tmp to %ProgramFiles%\lightburn\qt5core.dll
from %ProgramFiles%\lightburn\is-9sp83.tmp to %ProgramFiles%\lightburn\potrace.dll
from %ProgramFiles%\lightburn\is-ktqu1.tmp to %ProgramFiles%\lightburn\lightburn.pdb
from %ProgramFiles%\lightburn\is-r5u32.tmp to %ProgramFiles%\lightburn\lightburn.exe
from %ProgramFiles%\lightburn\is-gn42u.tmp to %ProgramFiles%\lightburn\libusb-1.0.dll
from %ProgramFiles%\lightburn\is-oudn5.tmp to %ProgramFiles%\lightburn\libglesv2.dll
from %ProgramFiles%\lightburn\is-pk0c1.tmp to %ProgramFiles%\lightburn\libegl.dll
from %ProgramFiles%\lightburn\is-nfiks.tmp to %ProgramFiles%\lightburn\libeay32.dll
from %ProgramFiles%\lightburn\is-d15m9.tmp to %ProgramFiles%\lightburn\lexactivator.dll
from %ProgramFiles%\lightburn\is-05p21.tmp to %ProgramFiles%\lightburn\changelog.txt
from %ProgramFiles%\lightburn\is-g9f2q.tmp to %ProgramFiles%\lightburn\capturelib.dll
from %ProgramFiles%\lightburn\is-9iole.tmp to %ProgramFiles%\lightburn\ssleay32.dll
from %ProgramFiles%\lightburn\audio\is-7n5gd.tmp to %ProgramFiles%\lightburn\audio\qtaudio_windows.dll
from %ProgramFiles%\lightburn\languages\is-pt8sq.tmp to %ProgramFiles%\lightburn\languages\lightburn_it.qm
from %ProgramFiles%\lightburn\bearer\is-dhmcl.tmp to %ProgramFiles%\lightburn\bearer\qgenericbearer.dll
from %ProgramFiles%\lightburn\languages\is-3frcn.tmp to %ProgramFiles%\lightburn\languages\lightburn_hu.qm
from %ProgramFiles%\lightburn\languages\is-9jtv5.tmp to %ProgramFiles%\lightburn\languages\lightburn_fr.qm
from %ProgramFiles%\lightburn\languages\is-h9kvg.tmp to %ProgramFiles%\lightburn\languages\lightburn_fi.qm
from %ProgramFiles%\lightburn\languages\is-ged40.tmp to %ProgramFiles%\lightburn\languages\lightburn_es-la.qm
from %ProgramFiles%\lightburn\languages\is-7edri.tmp to %ProgramFiles%\lightburn\languages\lightburn_es-es.qm
from %ProgramFiles%\lightburn\languages\is-fan3h.tmp to %ProgramFiles%\lightburn\languages\lightburn_en.qm
from %ProgramFiles%\lightburn\languages\is-uliov.tmp to %ProgramFiles%\lightburn\languages\lightburn_el.qm
from %ProgramFiles%\lightburn\languages\is-gkrs3.tmp to %ProgramFiles%\lightburn\languages\lightburn_de.qm
from %ProgramFiles%\lightburn\languages\is-ntrgv.tmp to %ProgramFiles%\lightburn\languages\lightburn_da.qm
from %ProgramFiles%\lightburn\languages\is-av2cd.tmp to %ProgramFiles%\lightburn\languages\lightburn_cs.qm
from %ProgramFiles%\lightburn\languages\is-5rcg5.tmp to %ProgramFiles%\lightburn\languages\lightburn_ar.qm
from %ProgramFiles%\lightburn\imageformats\is-dlotb.tmp to %ProgramFiles%\lightburn\imageformats\qwebp.dll
from %ProgramFiles%\lightburn\imageformats\is-21mo7.tmp to %ProgramFiles%\lightburn\imageformats\qwbmp.dll
from %ProgramFiles%\lightburn\imageformats\is-gm1s2.tmp to %ProgramFiles%\lightburn\imageformats\qtiff.dll
from %ProgramFiles%\lightburn\imageformats\is-5nqi9.tmp to %ProgramFiles%\lightburn\imageformats\qtga.dll
from %ProgramFiles%\lightburn\imageformats\is-km13v.tmp to %ProgramFiles%\lightburn\imageformats\qsvg.dll
from %ProgramFiles%\lightburn\imageformats\is-qpggi.tmp to %ProgramFiles%\lightburn\imageformats\qjpeg.dll
from %ProgramFiles%\lightburn\imageformats\is-0vton.tmp to %ProgramFiles%\lightburn\imageformats\qico.dll
from %ProgramFiles%\lightburn\imageformats\is-q5t0j.tmp to %ProgramFiles%\lightburn\imageformats\qicns.dll
from %ProgramFiles%\lightburn\imageformats\is-opcg7.tmp to %ProgramFiles%\lightburn\imageformats\qgif.dll
from %ProgramFiles%\lightburn\iconengines\is-90id7.tmp to %ProgramFiles%\lightburn\iconengines\qsvgicon.dll
from %ProgramFiles%\lightburn\languages\is-ttoaf.tmp to %ProgramFiles%\lightburn\languages\lightburn_ja.qm
from %ProgramFiles%\lightburn\is-73qjl.tmp to %ProgramFiles%\lightburn\installing the lightburn macro for coreldraw.pdf

Network activity

Connects to

'cy###mania.ws':80
'cy###mania.ws':443

TCP

HTTP GET requests

http://www.cy###mania.ws/

Other

'cy###mania.ws':443

UDP

DNS ASK cy###mania.ws

Miscellaneous

Searches for the following windows

ClassName: 'EDIT' WindowName: ''
ClassName: 'Static' WindowName: ''
ClassName: 'MS_AutodialMonitor' WindowName: ''
ClassName: 'MS_WebCheckMonitor' WindowName: ''

Creates and executes the following

'%TEMP%\rarsfx0\lightburn-v1.1.03.exe' /silent
'%TEMP%\is-9s2i4.tmp\lightburn-v1.1.03.tmp' /SL5="$10244,46903361,791040,%TEMP%\RarSFX0\LightBurn-v1.1.03.exe" /silent
'%TEMP%\rarsfx0\replace.exe'

Executes the following

'<SYSTEM32>\regsvr32.exe' /s "%ProgramFiles%\LightBurn\LBShellExtThumbnailHandler.dll"

Технологии

Термины

Обучение и просвещение

Мифы

Technical Information

Рекомендации по лечению

Демо бесплатно на 14 дней