FUZZING.IN
check drive and encrypts sectors:
creats a scheduled task to shutdown/reboot the system:
uses getextendedtcptable api:
drops psexec as dllhost.dat in windows directory which is embded in resource #3 of dll:
deletes system logs:
i did not had network access so couldnt generate the pcap for smb exploit.