Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Wininit' = '<Full path to file>'
- C:\LOG\<File name>.exe.DEBUG.log
- C:\LOG\.DEBUG.log
- 'gu#####ecaba.pr.gov.br':80
- http://gu#####ecaba.pr.gov.br/php1/notify.php
- DNS ASK gu#####ecaba.pr.gov.br
- ClassName: 'Shell_TrayWnd' WindowName: ''