Technical Information
- %ALLUSERSPROFILE%\Mindea\Mindea.lnk
- '<SYSTEM32>\rundll32.exe' "<LS_APPDATA>\Microsoft\Windows\UHCYp.dll",start <Full path to file>
- <LS_APPDATA>\Microsoft\Windows\UHCYp.dll
- 'wh#####yipaddress.com':80
- '<L####NET>.1.124':80
- http://wh#####yipaddress.com/
- http://19#.#68.1.124/MJ_Main.txt via <L####NET>.1.124
- DNS ASK wh#####yipaddress.com