Trojan.MulDrop15.59484

Technical Information

Malicious functions

Executes the following

'%WINDIR%\syswow64\taskkill.exe' /F /IM diag.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM SPDeposit.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM UpgradeHeadGen.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM Upgrade tool.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM StartCabcDIPL.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM ResolveFramePlat.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM LogRead.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM CduCapSetTool.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM CABCLogFile.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM CABC_pc_lrae.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM FirmwareManager.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM YHZip.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM YHHelper.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM YHMonitor.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM WatchProcess.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM TestTool.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM COLS.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM yhSPSIUCABC.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM YHTTU_EXE.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM TTU300.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM CabcMainte.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM YHVdaApp.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM YHDrOKIUsbAgent.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM SIU300.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM yhsiudriver.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM CDM300.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM CIM300.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM YHC81Driver.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM Diaginit.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM Router.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM IO_Test.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM yhrouter.exe
'%WINDIR%\syswow64\taskkill.exe' /F /IM PowerTestRecycle.exe

Modifies file system

Creates the following files

C:\atm\drvsp__\devdrv_brm\yh6040w-brm.cat
C:\atm\drvsp\exe\pthreadgc2.dll
C:\atm\drvsp\exe\pscp.exe
C:\atm\drvsp\exe\firmwaremanager.exe
C:\atm\drvsp\exe\findhardware.exe
C:\atm\drvsp\exe\filever.exe
C:\atm\drvsp\exe\d_usb11_oki_win7.dll
C:\atm\drvsp\exe\d_usb11_oki.dll
C:\atm\drvsp\exe\pthreadgce2.dll
C:\atm\drvsp\exe\d_usb11.dll
C:\atm\drvsp\devdrv\i386\winusbcoinstaller2.dll
C:\atm\drvsp\devdrv\i386\wdfcoinstaller01009.dll
C:\atm\drvsp\devdrv\amd64\wudfupdate_01009.dll
C:\atm\drvsp\devdrv\amd64\winusbcoinstaller2.dll
C:\atm\drvsp\devdrv\amd64\wdfcoinstaller01009.dll
C:\atm\drvsp\devdrv\setsigpolicy.exe
C:\atm\drvsp\devdrv\installdrv.exe
C:\atm\drvsp\devdrv\i386\wudfupdate_01009.dll
C:\atm\drvsp\devdrv\yh6040w-cabc.inf
C:\atm\drvsp\exe\cashnumpic.dll
C:\atm\drvsp\exe\putty.exe
C:\atm\tools\cab\startcabcdipl.exe
C:\atm\tools\cab\cabc_pc_lrae.exe
C:\atm\tools\cab\cabclogfile.exe
C:\atm\firmware\cab\fmori\cabc.bin
C:\atm\firmware\cab\yh6040w_cab.dat
C:\atm\drvsp\exe\yh6040w_cab_fm_proc.dll
C:\atm\drvsp\exe\startcabcdipl.exe
C:\atm\drvsp\devdrv\installdrv.bat
C:\atm\drvsp\exe\d_usb11_yh_cabc.dll
C:\atm\drvsp\devdrv\yh6040w-cabc.cat
C:\atm\drvsp\exe\yhzip.exe
C:\atm\drvsp\exe\yhzip.bat
C:\atm\drvsp\exe\yhusbdrvwrap.dll
C:\atm\drvsp\exe\yhusbdrv.dll
C:\atm\drvsp\exe\sendkey.exe
C:\atm\drvsp\exe\readversion.bat
C:\atm\drvsp\exe\pthreadvc2.dll
C:\atm\drvsp\exe\pthreadvse2.dll
C:\atm\drvsp\devdrv\devcon_x64.exe
C:\atm\firmware__\cdu\fmori\newadj\top_80313.ini
C:\atm\firmware__\cdu\fmori\dsp_19112015.out
C:\atm\firmware__\cdu\fmori\dsp4_20073115.ais
C:\atm\firmware__\cdu\fmori\dsp3_20073116.ini
C:\atm\firmware__\cdu\fmori\dsp3_20073116.ais
C:\atm\firmware__\cdu\fmori\dsp3_20073115.ini
C:\atm\firmware__\cdu\fmori\dsp3_20073115.ais
C:\atm\firmware__\cdu\fmori\cdu_arm_20200825
C:\atm\firmware__\cdu\fmori\headinfo.ini
C:\atm\drvsp__\exe_cdu\yhbmp2jpg.dll
C:\atm\drvsp__\exe_cdu\setremoteip.exe
C:\atm\drvsp__\exe_cdu\netdriver.dll
C:\atm\drvsp__\exe_cdu\get_powerofflogfile.bat
C:\atm\drvsp__\exe_cdu\cashnumpic.ini
C:\atm\drvsp__\exe_cdu\cashnumpic.dll
C:\atm\drvsp__\exe_brm\d_usb11_yh_cc.dll
C:\atm\firmware__\brm\yh6040w_brm.dat
C:\atm\drvsp__\exe_cdu\yh6040w_cdu_fm_proc.dll
C:\atm\firmware__\cdu\fmori\oldadj\top_80314.bit
C:\tasklist.txt
C:\atm\firmware__\cdu\fmori\newadj\top_80314.bit
nul
C:\myping.txt
C:\atm\installer\install.log
C:\atm\firmware__\cdu\fmori\oldadj\top_80316.ini
C:\atm\firmware__\cdu\fmori\oldadj\top_80316.bit
C:\atm\firmware__\cdu\fmori\oldadj\top_80315.ini
C:\atm\firmware__\cdu\fmori\oldadj\top_80315.bit
C:\atm\drvsp\devdrv\devcon.exe
C:\atm\firmware__\cdu\fmori\oldadj\top_80314.ini
C:\atm\firmware__\cdu\fmori\oldadj\top_80313.ini
C:\atm\firmware__\cdu\fmori\oldadj\top_80313.bit
C:\atm\firmware__\cdu\fmori\newadj\top_80316.ini
C:\atm\firmware__\cdu\fmori\newadj\top_80316.bit
C:\atm\firmware__\cdu\fmori\newadj\top_80315.ini
C:\atm\firmware__\cdu\fmori\newadj\top_80315.bit
C:\atm\firmware__\cdu\fmori\newadj\top_80314.ini
C:\atm\firmware__\cdu\fmori\newadj\top_80313.bit
C:\atm\drvsp\exe\cashnumpic.ini
C:\atm\drvsp\exe\get_powerofflogfile.bat
C:\atm\drvsp\exe\netdriver.dll
C:\atm\firmware\brm\fmori\fotc.bin
C:\atm\firmware\brm\fmori\dd.conf
C:\atm\firmware\brm\fmori\busser
C:\atm\firmware\brm\fmori\burnkernel.sh
C:\atm\firmware\brm\yh6040w_brm.dat
C:\atm\drvsp\exe\reg\yh_device.reg
C:\atm\drvsp\exe\reg\yhzip.reg
C:\atm\drvsp\exe\d_usb11_yh_cc.dll
C:\atm\drvsp\exe\reg\yhbilldata.reg
C:\atm\drvsp\exe\reg\okibilldata.reg
C:\atm\drvsp\exe\yhrecfileapi.dll
C:\atm\drvsp\exe\yhbilldata.dll
C:\atm\drvsp\exe\yh6040w_brm_fm_proc.dll
C:\atm\drvsp\exe\version.ini
C:\atm\drvsp\exe\recfileapitest.exe
C:\atm\drvsp\exe\okirecfileapi.dll
C:\atm\drvsp\exe\reg\putty.reg
C:\atm\drvsp\exe\okibilldata.dll
C:\atm\firmware\brm\fmori\lfua.bin
C:\atm\firmware\brm\fmori\yh6040w
%TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\amd64\set623d.tmp
%TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\amd64\set60d5.tmp
%TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\amd64\set5fbc.tmp
C:\atm\installer\version_s.txt
C:\atm\installer\version_d.txt
C:\atm\tools\brm\upgrade tool.exe
C:\atm\tools\brm\setatmsn.bat
C:\atm\firmware\brm\fmori\multiproc_test
C:\atm\firmware\brm\fmori\lfub.bin
C:\atm\firmware\brm\fmori\usbser
C:\atm\firmware\brm\fmori\upgrade
C:\atm\firmware\brm\fmori\uim.bin
C:\atm\firmware\brm\fmori\tsm.bin
C:\atm\firmware\brm\fmori\run.sh
C:\atm\firmware\brm\fmori\restart.sh
C:\atm\firmware\brm\fmori\procmon
C:\atm\resprg\brm\yh6040w_resprg_linsys.dat
C:\atm\drvsp\devdrv\yh6040w-brm.inf
C:\atm\drvsp\devdrv\yh6040w-brm.cat
C:\atm\tools\cdu\cducapsettool.exe
C:\atm\firmware\cdu\fmori\newadj\top_80314.ini
C:\atm\firmware\cdu\fmori\newadj\top_80314.bit
C:\atm\firmware\cdu\fmori\newadj\top_80313.ini
C:\atm\firmware\cdu\fmori\newadj\top_80313.bit
C:\atm\firmware\cdu\fmori\headinfo.ini
C:\atm\firmware\cdu\fmori\dsp_19112015.out
C:\atm\firmware\cdu\fmori\newadj\top_80315.ini
C:\atm\firmware\cdu\fmori\dsp4_20073115.ais
C:\atm\firmware\cdu\fmori\dsp3_20073116.ais
C:\atm\firmware\cdu\fmori\dsp3_20073115.ini
C:\atm\firmware\cdu\fmori\dsp3_20073115.ais
C:\atm\firmware\cdu\fmori\cdu_arm_20200825
C:\atm\drvsp\exe\yhbmp2jpg.dll
C:\atm\drvsp\exe\yh6040w_cdu_fm_proc.dll
C:\atm\drvsp\exe\setremoteip.exe
C:\atm\firmware\cdu\fmori\dsp3_20073116.ini
C:\atm\firmware\cdu\fmori\newadj\top_80316.bit
C:\atm\firmware\cdu\fmori\newadj\top_80315.bit
C:\atm\firmware\cdu\fmori\newadj\top_80316.ini
C:\atm\resprg\cdu\ubootenv
C:\atm\resprg\cdu\cdu_change_ip.sh
C:\atm\resprg\cdu\sys_update.tar.bz2
C:\atm\resprg\cdu\internal.sh
C:\atm\resprg\cdu\envtool
C:\atm\resprg\cdu\cdu_sys_update.sh
C:\atm\resprg\cdu\cdu_sys_reboot.sh
C:\atm\resprg\cdu\cdu_change_ip_123.sh
C:\atm\resprg\cdu\cdu_change_ip_123.bat
C:\atm\resprg\cdu\cdu_change_ip.bat
C:\atm\firmware\cdu\fmori\oldadj\top_80313.bit
C:\atm\firmware\cdu\fmori\oldadj\top_80316.ini
C:\atm\firmware\cdu\fmori\oldadj\top_80316.bit
C:\atm\firmware\cdu\fmori\oldadj\top_80315.ini
C:\atm\firmware\cdu\fmori\oldadj\top_80315.bit
C:\atm\firmware\cdu\fmori\oldadj\top_80314.ini
C:\atm\firmware\cdu\fmori\oldadj\top_80314.bit
C:\atm\firmware\cdu\fmori\oldadj\top_80313.ini
C:\atm\tools__\cdu\cducapsettool.exe
%TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\set6431.tmp
C:\atm\tools__\cab\startcabcdipl.exe
C:\atm\tools__\cab\cabclogfile.exe
C:\atm\firmware__\brm\fmori\restart.sh
C:\atm\firmware__\brm\fmori\procmon
C:\atm\firmware__\brm\fmori\multiproc_test
C:\atm\firmware__\brm\fmori\lfub.bin
C:\atm\firmware__\brm\fmori\lfua.bin
C:\atm\firmware__\brm\fmori\fotc.bin
C:\atm\firmware__\brm\fmori\dd.conf
C:\atm\firmware__\brm\fmori\run.sh
C:\atm\firmware__\brm\fmori\busser
C:\atm\drvsp__\exe_pub\yhzip.exe
C:\atm\drvsp__\exe_pub\yhzip.bat
C:\atm\drvsp__\exe_pub\yhusbdrvwrap.dll
C:\atm\drvsp__\exe_pub\yhusbdrv.dll
C:\atm\drvsp__\exe_pub\sendkey.exe
C:\atm\drvsp__\exe_pub\readversion.bat
C:\atm\drvsp__\exe_pub\putty.exe
C:\atm\firmware__\brm\fmori\burnkernel.sh
C:\atm\installer\cn\install_bizdrv\install_bizdrv_cab.bat
C:\atm\installer\cn\install_firmware\install_firmware_cab.bat
C:\atm\firmware__\brm\fmori\upgrade
C:\atm\installer\cn\install_firmware\install_firmware_brm.bat
C:\atm\installer\cn\install_firmware\install_firmware.bat
C:\atm\installer\cn\install_devdrv\install_devdrv_cdu.bat
C:\atm\installer\cn\install_devdrv\install_devdrv_cab.bat
C:\atm\installer\cn\install_devdrv\install_devdrv_brm.bat
C:\atm\installer\cn\install_devdrv\install_devdrv.bat
C:\atm\installer\cn\install_bizdrv\install_bizdrv_pub.bat
C:\atm\drvsp__\exe_pub\pthreadvse2.dll
C:\atm\installer\cn\install_bizdrv\install_bizdrv_cdu.bat
C:\atm\installer\cn\install_bizdrv\install_bizdrv_brm.bat
C:\atm\installer\cn\install_bizdrv\install_bizdrv.bat
C:\atm\installer\cn\install.bat
C:\atm\firmware__\cab\yh6040w_cab.dat
C:\atm\firmware__\cab\fmori\cabc.bin
C:\atm\firmware__\brm\fmori\yh6040w
C:\atm\firmware__\brm\fmori\usbser
C:\atm\firmware__\brm\fmori\tsm.bin
C:\atm\firmware__\brm\fmori\uim.bin
C:\atm\drvsp__\exe_pub\pthreadvc2.dll
C:\atm\drvsp__\exe_brm\reg\putty.reg
C:\atm\drvsp__\exe_brm\okirecfileapi.dll
C:\atm\drvsp__\exe_brm\okibilldata.dll
C:\atm\drvsp__\devdrv_pub\setsigpolicy.exe
C:\atm\drvsp__\devdrv_pub\installdrv.exe
C:\atm\drvsp__\devdrv_pub\installdrv.bat
C:\atm\drvsp__\devdrv_pub\i386\wudfupdate_01009.dll
C:\atm\drvsp__\devdrv_pub\i386\winusbcoinstaller2.dll
C:\atm\drvsp__\exe_brm\recfileapitest.exe
C:\atm\drvsp__\devdrv_pub\i386\wdfcoinstaller01009.dll
C:\atm\drvsp__\devdrv_pub\devcon.exe
C:\atm\drvsp__\devdrv_pub\amd64\wudfupdate_01009.dll
C:\atm\drvsp__\devdrv_pub\amd64\winusbcoinstaller2.dll
C:\atm\drvsp__\devdrv_pub\amd64\wdfcoinstaller01009.dll
C:\atm\drvsp__\devdrv_cab\yh6040w-cabc.inf
C:\atm\drvsp__\devdrv_cab\yh6040w-cabc.cat
C:\atm\drvsp__\devdrv_brm\yh6040w-brm.inf
C:\atm\drvsp__\devdrv_pub\devcon_x64.exe
C:\atm\drvsp__\exe_cab\startcabcdipl.exe
C:\atm\drvsp__\exe_pub\pthreadgc2.dll
C:\atm\drvsp__\exe_brm\reg\yhbilldata.reg
C:\atm\drvsp__\exe_pub\pscp.exe
C:\atm\drvsp__\exe_pub\firmwaremanager.exe
C:\atm\drvsp__\exe_pub\findhardware.exe
C:\atm\drvsp__\exe_pub\filever.exe
C:\atm\drvsp__\exe_pub\d_usb11_oki_win7.dll
C:\atm\drvsp__\exe_pub\d_usb11_oki.dll
C:\atm\drvsp__\exe_pub\d_usb11.dll
C:\atm\drvsp__\exe_pub\pthreadgce2.dll
C:\atm\drvsp__\exe_cab\yh6040w_cab_fm_proc.dll
C:\atm\drvsp__\exe_cab\d_usb11_yh_cabc.dll
C:\atm\drvsp__\exe_brm\yhrecfileapi.dll
C:\atm\drvsp__\exe_brm\yhbilldata.dll
C:\atm\drvsp__\exe_brm\yh6040w_brm_fm_proc.dll
C:\atm\drvsp__\exe_brm\version.ini
C:\atm\drvsp__\exe_brm\reg\yh_device.reg
C:\atm\drvsp__\exe_brm\reg\yhzip.reg
C:\atm\drvsp__\exe_brm\reg\okibilldata.reg
C:\atm\installer\cn\install_firmware\install_firmware_cdu.bat
C:\atm\installer\cn\install_resprg\install_resprg.bat
C:\atm\installer\cn\install_resprg\install_resprg_brm.bat
C:\atm\installer\pub\isstart\is_start_brm.bat
C:\atm\installer\pub\isinstall\is_install_cdu.bat
C:\atm\installer\pub\isinstall\is_install_cab.bat
C:\atm\installer\pub\isinstall\is_install_brm.bat
C:\atm\installer\pub\create_cdu_firmware_rt.bat
C:\atm\installer\pub\copyfile\copyfile_pub.bat
C:\atm\installer\pub\copyfile\copyfile_cdu.bat
C:\atm\installer\pub\checkfile\checkfile_brm.bat
C:\atm\installer\pub\copyfile\copyfile_cab.bat
C:\atm\installer\pub\copyfile\copyfile.bat
C:\atm\installer\pub\checkfm\checkfm_cdu.bat
C:\atm\installer\pub\checkfm\checkfm_cab.bat
C:\atm\installer\pub\checkfm\checkfm_brm.bat
C:\atm\installer\pub\checkfm\checkfm.bat
C:\atm\installer\pub\checkfile\checkfile_pub.bat
C:\atm\installer\pub\checkfile\checkfile_cdu.bat
C:\atm\installer\pub\copyfile\copyfile_brm.bat
C:\atm\installer\pub\checkfile\checkfile_cab.bat
C:\atm\installer\pub\isstart\is_start_cab.bat
C:\atm\resprg__\cdu\cdu_change_ip_123.sh
C:\atm\tools__\brm\upgrade tool.exe
C:\atm\tools__\brm\setatmsn.bat
C:\atm\resprg__\cdu\ubootenv
C:\atm\resprg__\cdu\sys_update.tar.bz2
C:\atm\resprg__\cdu\internal.sh
C:\atm\resprg__\cdu\envtool
C:\atm\resprg__\cdu\cdu_sys_update.sh
C:\atm\installer\pub\kill.bat
C:\atm\installer\pub\isstart\is_start_cdu.bat
C:\atm\resprg__\cdu\cdu_change_ip_123.bat
C:\atm\resprg__\cdu\cdu_change_ip.sh
C:\atm\resprg__\cdu\cdu_change_ip.bat
C:\atm\resprg__\brm\yh6040w_resprg_linsys.dat
C:\atm\installer\start.bat
C:\atm\installer\pub\query_os.bat
C:\atm\installer\pub\query_bitwidth.bat
C:\atm\resprg__\cdu\cdu_sys_reboot.sh
C:\atm\installer\pub\checkfile\checkfile.bat
C:\atm\installer\pub\addpath.bat
C:\atm\installer\en\restart_wait\wait_cdu.bat
C:\atm\installer\en\install_bizdrv\install_bizdrv_cab.bat
C:\atm\installer\en\install_bizdrv\install_bizdrv_brm.bat
C:\atm\installer\en\install_bizdrv\install_bizdrv.bat
C:\atm\installer\en\install.bat
C:\atm\installer\cn\restart_wait\wait_cdu.bat
C:\atm\installer\cn\restart_wait\wait_cab.bat
C:\atm\installer\en\install_bizdrv\install_bizdrv_pub.bat
C:\atm\installer\cn\restart_wait\wait_brm.bat
C:\atm\installer\cn\restart_wait\restart_cdu.bat
C:\atm\installer\cn\restart_wait\restart_cab.bat
C:\atm\installer\cn\restart_wait\restart_brm.bat
C:\atm\installer\cn\restart_wait\restart.bat
C:\atm\installer\cn\modules.bat
C:\atm\installer\cn\install_resprg\install_resprg_cdu.bat
C:\atm\installer\cn\install_resprg\install_resprg_cab.bat
C:\atm\installer\cn\restart_wait\wait.bat
C:\atm\installer\en\install_devdrv\install_devdrv.bat
C:\atm\installer\en\install_bizdrv\install_bizdrv_cdu.bat
C:\atm\installer\en\install_devdrv\install_devdrv_brm.bat
C:\atm\installer\en\restart_wait\wait_cab.bat
C:\atm\installer\en\install_resprg\install_resprg_cdu.bat
C:\atm\installer\en\restart_wait\wait_brm.bat
C:\atm\installer\en\restart_wait\wait.bat
C:\atm\installer\en\restart_wait\restart_cdu.bat
C:\atm\installer\en\restart_wait\restart_cab.bat
C:\atm\installer\en\restart_wait\restart_brm.bat
C:\atm\installer\en\restart_wait\restart.bat
C:\atm\installer\en\modules.bat
C:\atm\installer\en\install_resprg\install_resprg_cab.bat
C:\atm\installer\en\install_devdrv\install_devdrv_cab.bat
C:\atm\installer\en\install_resprg\install_resprg_brm.bat
C:\atm\installer\en\install_resprg\install_resprg.bat
C:\atm\installer\en\install_firmware\install_firmware_cdu.bat
C:\atm\installer\en\install_firmware\install_firmware_cab.bat
C:\atm\installer\en\install_firmware\install_firmware_brm.bat
C:\atm\installer\en\install_firmware\install_firmware.bat
C:\atm\installer\en\install_devdrv\install_devdrv_cdu.bat
C:\atm\tools__\cab\cabc_pc_lrae.exe
%TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\set652c.tmp

Deletes the following files

C:\atm\drvsp__\exe_brm\reg\putty.reg
C:\atm\firmware__\brm\fmori\busser
C:\atm\firmware__\brm\fmori\fotc.bin
C:\atm\firmware__\brm\fmori\lfua.bin
C:\atm\firmware__\brm\fmori\lfub.bin
C:\atm\firmware__\brm\fmori\multiproc_test
C:\atm\firmware__\brm\fmori\procmon
C:\atm\firmware__\brm\fmori\run.sh
C:\atm\drvsp__\exe_pub\yhusbdrv.dll
C:\atm\firmware__\brm\fmori\tsm.bin
C:\atm\firmware__\brm\fmori\uim.bin
C:\atm\firmware__\brm\fmori\upgrade
C:\atm\firmware__\brm\fmori\usbser
C:\atm\firmware__\brm\fmori\yh6040w
C:\atm\firmware__\cab\fmori\cabc.bin
C:\atm\firmware__\brm\fmori\burnkernel.sh
C:\atm\resprg__\cdu\ubootenv
C:\atm\resprg__\cdu\internal.sh
C:\atm\resprg__\cdu\envtool
C:\atm\resprg__\cdu\cdu_sys_reboot.sh
C:\atm\resprg__\cdu\cdu_change_ip.bat
C:\atm\tools__\brm\setatmsn.bat
C:\atm\drvsp__\exe_pub\yhzip.exe
C:\atm\drvsp__\exe_pub\yhzip.bat
C:\atm\firmware__\brm\fmori\restart.sh
C:\atm\drvsp__\exe_pub\sendkey.exe
C:\atm\drvsp__\exe_pub\putty.exe
C:\atm\drvsp__\exe_pub\pscp.exe
C:\atm\drvsp__\exe_pub\filever.exe
C:\atm\drvsp__\exe_pub\d_usb11.dll
C:\atm\drvsp__\exe_brm\version.ini
C:\atm\drvsp__\exe_brm\reg\yhzip.reg
C:\atm\firmware__\cdu\fmori\cdu_arm_20200825
C:\atm\firmware__\cdu\fmori\headinfo.ini

Moves the following files

from C:\atm\drvsp\exe\d_usb11_oki.dll to C:\atm\drvsp\exe\d_usb11_oki_xp.dll
from C:\atm\drvsp\devdrv\devcon.exe to C:\atm\drvsp\devdrv\devcon_x86.exe
from %TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\amd64\set5fbc.tmp to %TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\amd64\wdfcoinstaller01009.dll
from %TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\amd64\set60d5.tmp to %TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\amd64\winusbcoinstaller2.dll
from %TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\amd64\set623d.tmp to %TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\amd64\wudfupdate_01009.dll
from %TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\set6431.tmp to %TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\yh6040w-cabc.cat
from %TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\set652c.tmp to %TEMP%\{1c14d6bf-8d73-1632-eeeb-877591bc261b}\yh6040w-cabc.inf

Substitutes the following files

C:\atm\drvsp\exe\d_usb11_oki.dll
C:\atm\drvsp\devdrv\devcon.exe

Miscellaneous

Searches for the following windows

ClassName: 'EDIT' WindowName: ''
ClassName: '' WindowName: ''

Creates and executes the following

'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\yhUsbDrv.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\yhBMP2JPG.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_CDU\yhBMP2JPG.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\yh6040w_cdu_fm_proc.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_CDU\yh6040w_cdu_fm_proc.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\CashNumPic.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_CDU\CashNumPic.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\D_Usb11_yh_cc.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_BRM\D_Usb11_yh_cc.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\OkiBillData.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_BRM\OkiBillData.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\yh6040w_brm_fm_proc.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_BRM\yh6040w_brm_fm_proc.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\OkiRecFileAPI.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_BRM\OkiRecFileAPI.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\RecFileAPITest.exe
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_BRM\RecFileAPITest.exe
'C:\atm\drvsp\devdrv\setsigpolicy.exe' 0
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_CDU\NetDriver.dll
'C:\atm\drvsp\devdrv\devcon.exe' status "USB\VID_0525&PID_b001"
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\NetDriver.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\SetRemoteIP.exe
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_PUB\yhUsbDrv.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\yhUsbDrvWrap.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_PUB\yhUsbDrvWrap.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\D_Usb11.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_PUB\D_Usb11.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\D_Usb11_OKI.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_PUB\D_Usb11_OKI.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\D_Usb11_OKI_WIN7.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_PUB\D_Usb11_OKI_WIN7.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\FirmwareManager.exe
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_PUB\FirmwareManager.exe
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\YHZip.exe
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_PUB\YHZip.exe
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\D_Usb11_yh_cabc.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_CAB\D_Usb11_yh_cabc.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP\EXE\yh6040w_cab_fm_proc.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_CAB\yh6040w_cab_fm_proc.dll
'C:\atm\drvsp\exe\filever.exe' C:\ATM\DRVSP__\EXE_CDU\SetRemoteIP.exe
'C:\atm\drvsp\devdrv\devcon.exe' install "C:\ATM\DRVSP\DEVDRV\yh6040w-CABC.inf" "USB\VID_0525&PID_b001"

Executes the following

'%WINDIR%\syswow64\cmd.exe' /c ""C:\ATM\INSTALLER\start.bat" "
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\FIRMWARE__\CAB\*.* C:\ATM\FIRMWARE\CAB\*.* /E /H /C /Y
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\DRVSP__\EXE_CAB\*.* C:\ATM\DRVSP\EXE\*.* /E /H /C /Y
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\DRVSP__\DEVDRV_CAB\*.* C:\ATM\DRVSP\DEVDRV\*.* /E /H /C /Y
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\DRVSP__\EXE_PUB\*.* C:\ATM\DRVSP\EXE\*.* /E /H /C /Y
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\DRVSP__\DEVDRV_PUB\*.* C:\ATM\DRVSP\DEVDRV\*.* /E /H /C /Y
'%WINDIR%\syswow64\findstr.exe' /I /C:"PowerTestRecycle.exe" c:\tasklist.txt
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\RESPRG__\CAB\*.* C:\ATM\RESPRG\CAB\*.* /E /H /C /Y
'%WINDIR%\syswow64\findstr.exe' /I /C:"TestTool.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"UpgradeHeadGen.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"Upgrade tool.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"StartCabcDIPL.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"ResolveFramePlat.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"LogRead.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"CduCapSetTool.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"SPDeposit.exe" c:\tasklist.txt
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\RESPRG__\BRM\*.* C:\ATM\RESPRG\BRM\*.* /E /H /C /Y
'%WINDIR%\syswow64\findstr.exe' /I /C:"Driver is running." c:\myping.txt
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\DRVSP__\EXE_CDU\*.* C:\ATM\DRVSP\EXE\*.* /E /H /C /Y
'%WINDIR%\syswow64\findstr.exe' /I /C:"6.1." c:\myping.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"6.0." c:\myping.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"5.2." c:\myping.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"5.1." c:\myping.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"5.0." c:\myping.txt
'%WINDIR%\syswow64\fc.exe' /B C:\ATM\INSTALLER\version_d.txt C:\ATM\INSTALLER\version_s.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"CABCLogFile.exe" c:\tasklist.txt
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\TOOLS__\BRM\*.* C:\ATM\TOOLS\BRM\*.* /E /H /C /Y
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\FIRMWARE__\BRM\*.* C:\ATM\FIRMWARE\BRM\*.* /E /H /C /Y
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\DRVSP__\EXE_BRM\*.* C:\ATM\DRVSP\EXE\*.* /E /H /C /Y
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\DRVSP__\DEVDRV_BRM\*.* C:\ATM\DRVSP\DEVDRV\*.* /E /H /C /Y
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\TOOLS__\CDU\*.* C:\ATM\TOOLS\CDU\*.* /E /H /C /Y
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\RESPRG__\CDU\*.* C:\ATM\RESPRG\CDU\*.* /E /H /C /Y
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\FIRMWARE__\CDU\*.* C:\ATM\FIRMWARE\CDU\*.* /E /H /C /Y
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\TOOLS__\CAB\*.* C:\ATM\TOOLS\CAB\*.* /E /H /C /Y
'%WINDIR%\syswow64\xcopy.exe' c:\ATM\DRVSP__\DEVDRV_CDU\*.* C:\ATM\DRVSP\DEVDRV\*.* /E /H /C /Y
'%WINDIR%\syswow64\findstr.exe' /I /C:"CABC_pc_lrae.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"YHC81Driver.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"IO_Test.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"diag.exe" c:\tasklist.txt
'%WINDIR%\syswow64\tasklist.exe'
'%WINDIR%\syswow64\ping.exe' localhost -n 2
'%WINDIR%\syswow64\findstr.exe' /I /C:"3" c:\InstallModules.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"1" c:\InstallModules.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"Router.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"2" c:\InstallModules.txt
'%WINDIR%\syswow64\reg.exe' Query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language" /v "InstallLanguage"
'%WINDIR%\syswow64\cmd.exe' /c Reg Query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language" /v "InstallLanguage"
'%WINDIR%\syswow64\wbem\wmic.exe' ENVIRONMENT where "name='path' and username='<system>'" set VariableValue="c:\atm\drvsp\exe;%ALLUSERSPROFILE%\Oracle\Java\javapath;<SYSTEM32>;%WINDIR%;<SYSTEM32>\Wbem;<SYSTEM32>\WindowsPowerShe...
'%WINDIR%\syswow64\wbem\wmic.exe' ENVIRONMENT create name="path",VariableValue="c:\atm\drvsp\exe;%ALLUSERSPROFILE%\Oracle\Java\javapath;<SYSTEM32>;%WINDIR%;<SYSTEM32>\Wbem;<SYSTEM32>\WindowsPowerShell\v1.0\"
'%WINDIR%\syswow64\findstr.exe' /i "c:\atm\drvsp\exe"
'%WINDIR%\syswow64\cmd.exe' /S /D /c" echo %ALLUSERSPROFILE%\Oracle\Java\javapath;<SYSTEM32>;%WINDIR%;<SYSTEM32>\Wbem;<SYSTEM32>\WindowsPowerShell\v1.0\"
'%WINDIR%\syswow64\findstr.exe' /I /C:"0804" c:\myping.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"TTU300.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"YHZip.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"CIM300.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"YHHelper.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"YHMonitor.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"WatchProcess.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"COLS.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"yhrouter.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"yhSPSIUCABC.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"FirmwareManager.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"YHTTU_EXE.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"CabcMainte.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"YHVdaApp.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"YHDrOKIUsbAgent.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"SIU300.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"yhsiudriver.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"CDM300.exe" c:\tasklist.txt
'%WINDIR%\syswow64\findstr.exe' /I /C:"Diaginit.exe" c:\tasklist.txt
'<SYSTEM32>\rundll32.exe' <SYSTEM32>\pnpui.dll,InstallSecurityPromptRunDllW 10 Global\{2050c430-da41-2da4-c277-5c6b2497732c} Global\{19be5732-74d7-1098-8d06-880d431b3c1e} <DRIVERSTORE>\Temp\{674eb793-6d72-2f23-916c-e502...

TECHNOLOGIES

TERMINOLOGIE

COURS ET EDU

MYTHES

Technical Information

Recommandations pour le traitement

Free trial