Technical Information
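- [<HKLM>\System\CurrentControlSet\Services\hyf55] 'ImagePath' = '%TEMP%\KKxQiRI.sys' (a service entry whose image is a .sys file in %TEMP%; the same file name is listed below as %TEMP%\kkxqiri.sys, and a service image located under a temporary directory is a useful detection signal in its own right)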
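- ClassName: 'Regmonclass', WindowName: '' (matches the window class of the Sysinternals Regmon registry monitor)
- ClassName: 'Filemonclass', WindowName: '' (matches the window class of the Sysinternals Filemon file monitor; a lookup of these two classes is most likely a check for running monitoring tools, so behaviour observed with such tools open may differ)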
- %TEMP%\ff64d.tmp
- %WINDIR%\dbkdrvr54.dll
- %APPDATA%\winrar\version.dat
- %TEMP%\kkxqiri.sys
- %TEMP%\kkxqiri.sys
- %TEMP%\kkxqiri.sys
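- '58.##1.64.139':13346
- '47.##4.80.147':8000 (in both entries '##' appears to mask digits of the second octet, so neither address is complete enough for exact-match blocking; the ports are given in full)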
- ClassName: '4823-00000029' WindowName: ''
- ClassName: '18467-41' WindowName: ''
- ClassName: 'WinRarWindow' WindowName: ''
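- '%ProgramFiles%\winrar\winrar.exe' x -y -inul -ibck "C:\svchsot.rar" "C:\"' (with hidden window)
- '%ProgramFiles%\winrar\winrar.exe' x -y -inul -ibck "C:\svchsot.rar" "C:\"
  (WinRAR switches: x extracts with full paths, -y answers yes to every prompt, -inul suppresses all messages, -ibck runs WinRAR in the background; together they unpack the archive into the root of C:\ with no visible prompt or error. The archive name is 'svchsot.rar' as spelled here, not 'svchost', and should be matched as written.)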