Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '' = 'WindowsNT\svchostX64.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\svchostX64.exe
- <LS_APPDATA>\Client\<File name>.exe_Url_vhjf5iwd5kfr4inxqdesdml4dzx0tzde\1.0.0.0\3uacwqnv.newcfg
- from <LS_APPDATA>\Client\<File name>.exe_Url_vhjf5iwd5kfr4inxqdesdml4dzx0tzde\1.0.0.0\3uacwqnv.newcfg to <LS_APPDATA>\Client\<File name>.exe_Url_vhjf5iwd5kfr4inxqdesdml4dzx0tzde\1.0.0.0\user.config
- '<LOCALNET>.2.20':4783
- 'localhost':4783
- ClassName: 'Shell_traywnd' WindowName: ''