Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Network Host' = '%APPDATA%\Windows Network Host\netio.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Network Host' = '%APPDATA%\Windows Network Host\netio.exe'
- <Drive name for removable media>:\link.exe
- <Drive name for removable media>:\documents.lnk
- <Drive name for removable media>:\pdf.lnk
- <Drive name for removable media>:\movies.lnk
- %APPDATA%\Windows Network Host\netio.exe
- %APPDATA%\Windows Network Host\mailed.txt
- %APPDATA%\Windows Network Host\netio.exe
- <Drive name for removable media>:\link.exe
- DNS ASK dd##.data.hu
- '%APPDATA%\Windows Network Host\netio.exe'
- '%APPDATA%\Windows Network Host\netio.exe' "sendmail"
- '%APPDATA%\Windows Network Host\netio.exe' "proxy"
- '<SYSTEM32>\cmd.exe' /cipconfig