Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{2B7F1D37-0E4C-0B1B-17B9-6C54356BC95A}] 'StubPath' = '<SYSTEM32>:propdump.exe'
- %WINDIR%\Explorer.EXE
- <SYSTEM32>:propdump.exe
- <Full path to file>
- 'mo####alu.no-ip.org':3460
- 'mo###.no-ip.org':3460
- 'pf####-pf.no-ip.org':3460
- 'pf####.no-ip.org':3460
- DNS ASK mo####alu.no-ip.org
- DNS ASK mo###.no-ip.org
- DNS ASK pf####-pf.no-ip.org
- DNS ASK pf####.no-ip.org
- '<Full path to file>'
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -nohome