Injector.DSCE

bullguard09.wm01.to(Injector.DSCE Hosted In Portugal Lisbon Dotsi Unipessoal Lda.)

Resolved [ bullguard09.wm01.to ] To [ 5.206.227.248 ] Malware activity : Reads terminal service related keys (often RDP related) Sets a global windows hook to intercept keystrokes Creates a fake system process Modifies auto-execute functionality by setting/creating a value in the registry Writes data to a remote process Reads the active computer name Reads the