Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'XXXXXXC4317719' = '%WINDIR%\XXXXXXC4317719\svchsot.exe'
- from <Full path to file> to %WINDIR%\XXXXXXC4317719\svchsot.exe
- 'localhost':8000
- '12#.#0.82.222':58588
- ClassName: '' WindowName: 'ИрРЗіМРтЙэј¶ЦР'
- ClassName: '' WindowName: '??????????????'