Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'fezb.exe' = '%WINDIR%\WindowsUpdata\fezb.exe'
- User Account Control (UAC)
- '%WINDIR%\WindowsUpdata\fezb.exe'
- '<SYSTEM32>\cmd.exe' /c del <Full path to file> > nul
- %WINDIR%\WindowsUpdata\fezb.exe
- <Full path to file>
- '10#.#00.183.26':2445