Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'TCP/IP Host' = '%TEMP%\WinPlugin\fHand905.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'fHand311' = '%TEMP%\WinPlugin\fHand905.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'TCP/IP Host' = '%APPDATA%\UWIIUPUIEL\fHand905.exe'
- %ALLUSERSPROFILE%\start menu\programs\startup\fhand905.exe
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\] 'NoChangeStartMenu' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\] 'NoClose' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\] 'NoLogOff' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\] 'NoRun' = '00000000'
- %APPDATA%\uwiiupuiel\fhand905.exe
- %TEMP%\winplugin\fhand905.exe
- DNS ASK ip##fo.io
- DNS ASK pn####reedom.com.br