Win32.HLLW.Autohit.16222

Added to the Dr.Web virus database: 2017-04-14

Virus description added:

Technical Information

Malicious functions:
Executes the following:
  • '<Current directory>\SICT_DATA\Profile.exe' e -y
  • '<Current directory>\SICT_DATA\EdumailConf\EdumailConf.exe' e -y
  • '<SYSTEM32>\shutdown.exe' /a
  • '<Current directory>\SICT_DATA\EPAutoEnrol\EPAutoEnrol.exe' e -y
Modifies file system:
Creates the following files:
  • <Current directory>\SICT_DATA\Student 9-12\Favorites\Metlink.url
  • <Current directory>\SICT_DATA\Student 5-8\Favorites\Mission Science.url
  • <Current directory>\SICT_DATA\Student 0-4\Favorites\NASA.url
  • <Current directory>\SICT_DATA\Student 5-8\Favorites\Merriam-Webster Dictionary Online.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Curriculum\Innovation.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Curriculum\Innovation.url
  • <Current directory>\SICT_DATA\Student 0-4\Favorites\Merriam-Webster Dictionary Online.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Curriculum\Student Learning.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Curriculum\Student Learning.url
  • <Current directory>\SICT_DATA\Student 0-4\Favorites\Tate Kids.url
  • <Current directory>\SICT_DATA\Student 5-8\Favorites\Schools Wikipedia.url
  • <Current directory>\SICT_DATA\Student 0-4\Favorites\National Geographic Kids.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Curriculum\Rubrics.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Curriculum\Rubrics.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Learning Tools\Dictionary.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Learning Tools\Dictionary.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Curriculum\ePotential.url
  • <Current directory>\SICT_DATA\Student 9-12\Favorites\Dictionary.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\DEECD\DEECD School Professionals.url
  • <Current directory>\SICT_DATA\Principal\Favorites\DEECD\DEECD Term Dates.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\DEECD\DEECD Term Dates.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Learning Tools\Google Maps.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Learning Tools\Google Maps.url
  • <Current directory>\SICT_DATA\Student 5-8\Favorites\How Stuff Works.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Information\Fuse Teacher.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Curriculum\ePotential.url
  • <Current directory>\SICT_DATA\Student 9-12\Favorites\Ergo.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Information\Fuse Teacher.url
  • <Current directory>\SICT_DATA\EdumailConf\EdumailConf.exe
  • <Current directory>\SICT_DATA\EdumailConf\Readme.doc
  • <Current directory>\SICT_DATA\EdumailConf\OutlookSetup.exe.Config
  • %TEMP%\aut9.tmp
  • <Current directory>\SICT_DATA\Principal\Favorites\Information\Wikipedia.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Information\Wikipedia.url
  • <Current directory>\SICT_DATA\Student 9-12\Favorites\Youth Central.url
  • %TEMP%\autA.tmp
  • <Current directory>\SICT_DATA\migprof.exe
  • %TEMP%\~DF5003.tmp
  • <Current directory>\SICT_DATA\EdumailConf\Microsoft.Web.Services.dll
  • <Current directory>\SICT_DATA\EdumailConf\Default.PRF
  • <Current directory>\SICT_DATA\EdumailConf\OutlookSetup.exe
  • <Current directory>\SICT_DATA\EdumailConf\eduArchitecture.UserSync.Interop.EduMailStaffList.dll
  • <Current directory>\SICT_DATA\Student 9-12\Favorites\The Age.url
  • <Current directory>\SICT_DATA\Principal\Favorites\News\The Age.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\News\The Age.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Information\TED.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Information\TeacherTube.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Information\TeacherTube.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Information\TED.url
  • <Current directory>\SICT_DATA\Principal\Favorites\News\Weather.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\News\Weather.url
  • <Current directory>\SICT_DATA\Student 9-12\Favorites\Wikipedia.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Curriculum\VCAA.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Learning Tools\Thesaurus.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Learning Tools\Thesaurus.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Curriculum\VCAA.url
  • <Current directory>\SICT_DATA\netdom.exe.mui
  • %TEMP%\aut8.tmp
  • <Current directory>\SICT_DATA\Profile.exe
  • %TEMP%\aut7.tmp
  • <Current directory>\SICT_DATA\EPAutoEnrol\SharpZipLib.dll
  • %TEMP%\aut6.tmp
  • <Current directory>\SICT_DATA\netdom.exe
  • <Current directory>\SICT_DATA\Student 0-4\Profile.BAT
  • <Current directory>\SICT_DATA\Student 0-4\homepage.txt
  • <Current directory>\SICT_DATA\Student 5-8\homepage.txt
  • <Current directory>\SICT_DATA\Teacher\Profile.BAT
  • <Current directory>\SICT_DATA\Principal\Profile.BAT
  • <Current directory>\SICT_DATA\Student 5-8\Profile.BAT
  • <Current directory>\SICT_DATA\Student 9-12\Profile.BAT
  • %TEMP%\aut3.tmp
  • %TEMP%\nyxqqqs
  • %TEMP%\aut4.tmp
  • %WINDIR%\eduSTAR-SICT.jpg
  • %TEMP%\aut1.tmp
  • %TEMP%\bxsarxe
  • %TEMP%\aut2.tmp
  • <Current directory>\SICT_DATA\EPAutoEnrol\eduPaSSAutoEnrol.exe
  • <Current directory>\SICT_DATA\EPAutoEnrol\winhttpcertcfg.exe
  • <Current directory>\SICT_DATA\EPAutoEnrol\PrivilegeClass.dll
  • <Current directory>\SICT_DATA\EPAutoEnrol\certmgr.exe
  • %TEMP%\aut5.tmp
  • <Current directory>\SICT_DATA\EPAutoEnrol\EPAutoEnrol.exe
  • <Current directory>\SICT_DATA\EPAutoEnrol\eduPaSSAutoEnrol.exe.Config
  • <Current directory>\SICT_DATA\Student 9-12\Favorites\Connect Secondary.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Learning Tools\Currency Converter.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Learning Tools\Currency Converter.url
  • <Current directory>\SICT_DATA\Student 5-8\Favorites\Connect Secondary.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Learning Tools\Calculator.url
  • <Current directory>\SICT_DATA\Student 0-4\Favorites\Connect Primary.url
  • <Current directory>\SICT_DATA\Student 5-8\Favorites\Connect Primary.url
  • <Current directory>\SICT_DATA\Principal\Favorites\DEECD\DEECD Edumail.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\DEECD\DEECD Edumail.url
  • <Current directory>\SICT_DATA\Principal\Favorites\DEECD\DEECD School Professionals.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Curriculum\DEECD A-Z of Technology.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Curriculum\CyberSafety.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Curriculum\CyberSafety.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Curriculum\DEECD A-Z of Technology.url
  • <Current directory>\SICT_DATA\Student 9-12\Favorites\ABC.url
  • <Current directory>\SICT_DATA\Principal\Favorites\News\ABC.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\News\ABC.url
  • <Current directory>\SICT_DATA\Student 0-4\Favorites\ABC The Playground.url
  • <Current directory>\SICT_DATA\Teacher\homepage.txt
  • <Current directory>\SICT_DATA\Student 9-12\homepage.txt
  • <Current directory>\SICT_DATA\Principal\homepage.txt
  • <Current directory>\SICT_DATA\Principal\Favorites\News\BBC.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\News\BBC.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Learning Tools\Calculator.url
  • <Current directory>\SICT_DATA\Student 5-8\Favorites\BBC Wildlife Finder.url
  • <Current directory>\SICT_DATA\Student 5-8\Favorites\ABC3.url
  • <Current directory>\SICT_DATA\Principal\Favorites\Learning Tools\Atlas.url
  • <Current directory>\SICT_DATA\Teacher\Favorites\Learning Tools\Atlas.url
Deletes the following files:
  • %TEMP%\aut8.tmp
  • %TEMP%\aut7.tmp
  • %TEMP%\aut6.tmp
  • <Current directory>\SICT_DATA\Profile.exe
  • %TEMP%\autA.tmp
  • <Current directory>\SICT_DATA\EdumailConf\EdumailConf.exe
  • %TEMP%\aut9.tmp
  • <Current directory>\SICT_DATA\EPAutoEnrol\EPAutoEnrol.exe
  • %TEMP%\aut2.tmp
  • %TEMP%\bxsarxe
  • %TEMP%\aut1.tmp
  • %TEMP%\aut3.tmp
  • %TEMP%\aut5.tmp
  • %TEMP%\aut4.tmp
  • %TEMP%\nyxqqqs
Moves itself:
  • from <Full path to file> to <Current directory>\SICT.exe
Network activity:
UDP:
  • DNS ASK km#.##ucation.wan
Miscellaneous:
Searches for the following windows:
  • ClassName: 'BUTTON' WindowName: ''
  • ClassName: 'Shell_TrayWnd' WindowName: ''