Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'csrss' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'svchost' = '"<LS_APPDATA>\Relatorio_Erros\svchost.exe"'
- ClassName: 'OLLYDBG', WindowName: ''
- ClassName: 'GBDYLLO', WindowName: ''
- ClassName: 'pediy06', WindowName: ''
- <LS_APPDATA>\Relatorio_Erros\svchost.exe
- <LS_APPDATA>\Relatorio_Erros\sqlite3.dll
- 'fu####-ovejuna.cz':80
- http://www.fu####-ovejuna.cz/admin/includes/css.php via fu####-ovejuna.cz
- DNS ASK www.fu####-ovejuna.cz