Technical Information
- %WINDIR%\tasks\easyfix.job
- [<HKLM>\System\CurrentControlSet\Services\Hurtful Bevy] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Hurtful Bevy] 'ImagePath' = '%APPDATA%\Hurtful Bevy\Hurtful Bevy.exe'
- %ALLUSERSPROFILE%\application data\{ee0318b8-6145-78f2-ee03-318b861462e1}\<File name>.exe
- %ALLUSERSPROFILE%\application data\{ee0318b8-6145-78f2-ee03-318b861462e1}\<File name>.dat
- %APPDATA%\hurtful bevy\hurtful bevy.exe
- \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009
- %APPDATA%\hurtful bevy\am.dat
- DNS ASK di###lstate.net
- DNS ASK al####el-pro.com
- DNS ASK ri###ynorth.biz
- DNS ASK ge####ltiple.link
- '%APPDATA%\hurtful bevy\hurtful bevy.exe'