Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'tTSNMEomet' = 'C:\Users\Public\tTSNMEomet.vbs'
- host.exe
- %APPDATA%\datastorecachedumptool\bamsettingsclient.bat
- %APPDATA%\install\host.exe
- %APPDATA%\install\host.exe
- 'ma######copy.duckdns.org':9810
- DNS ASK ma######copy.duckdns.org
- '%APPDATA%\install\host.exe'