- #What is remote utilities viewer by usoris systems llc archive#
- #What is remote utilities viewer by usoris systems llc windows#
The CallbackSettings parameter contains the address of the server to which the InternetID is sent for direct connection: The parameter values are stored in the Registry table: The sequence is defined by the value of the Sequence field for the corresponding action in the InstallExecuteSequence table.Ĭonnection parameters and settings are added in the HKLM\Remote Utilities\v4\Server\Parameters registry key. Installation is performed in Program Files\Remote Utilities - Host in accordance with the Directory table.Īccording to the CustomAction table, the msiexec.exe installer launches the main module of the Remote Utilities package rutserv.exe with various parameters that provide: The MSI package contains all the necessary parameters for silently installing the Remote Utilities. After installation, it sends a notification to the C&C server. The installer extracts and silently installs the Remote Utilities program.
#What is remote utilities viewer by usoris systems llc archive#
Self-extracting archive script: unpacking, the dropper launches the installer.exe, which in turn initiates installation of a pre-configured MSI package.
#What is remote utilities viewer by usoris systems llc windows#
RAT malware that operates in the 32-bit and 64-bit versions of Microsoft Windows operating systems.