KaydaTheDerg - Fenris

content copied

content

Start::
CloseProcesses:

GroupPolicy-Firefox: Restriction <==== ATTENTION
AlternateDataStreams: C:\Users\GGPC\Downloads\esetonlinescanner.exe:MBAM.Zone.Identifier [157]
AlternateDataStreams: C:\Users\GGPC\Downloads\esetonlinescanner.exe:mshield [164]

Comment: This snippet reverts User Account Control to default
StartRegedit:
Windows Registry Editor Version 5.00
    
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
"ConsentPromptBehaviorUser"=dword:00000003
"EnableLUA"=dword:00000001

EndRegedit:

EmptyTemp:
End::

Malware Log Analysis

content