Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{917A3RWX-Q9PH-4W64-7GZ2-QC2HCMGQ5RF8}' = '"%ALLUSERSPROFILE%\Application Data\amd64_mdmhandy.inf_31bf3856ad364e35_10.0.14393.0_none_eff9...
- %ALLUSERSPROFILE%\application data\amd64_mdmhandy.inf_31bf3856ad364e35_10.0.14393.0_none_eff954b24a17455c\config.json
- from <Full path to file> to %ALLUSERSPROFILE%\application data\amd64_mdmhandy.inf_31bf3856ad364e35_10.0.14393.0_none_eff954b24a17455c\dsccoreconfprov.exe
- '15#.#9.200.24':21
- DNS ASK ip###ger.org