Technical Information
- [<HKLM>\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN] '<File name>' = '<Full path to file>'
- Windows Task Manager (Taskmgr)
- ClassName: 'OLLYDBG', WindowName: ''
- ClassName: 'PROCEXPL', WindowName: ''
- <DRIVERS>\etc\hosts
- ClassName: 'ProcessHacker' WindowName: ''