Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'apiMgIME' = '%APPDATA%\Microsoft\Acle3d10\d3dx0_33.exe'
- <SYSTEM32>\rundll32.exe
- iexplore.exe
- firefox.exe process, wininet.dll module
- iexplore.exe process, advapi32.dll module
- iexplore.exe process, urlmon.dll module
- firefox.exe process, advapi32.dll module
- firefox.exe process, urlmon.dll module
- firefox.exe process, nss3.dll module
- iexplore.exe process, wininet.dll module
- iexplore.exe process, mshtml.dll module
- mailslot\slb1c
- %APPDATA%\microsoft\acle3d10\d3dx0_33.exe
- DNS ASK google.com
- ClassName: 'ProgMan' WindowName: ''
- '<SYSTEM32>\rundll32.exe' Shell32.dll,Control_RunDLL /? (with hidden window)
- '<SYSTEM32>\control.exe' /?
- '<SYSTEM32>\rundll32.exe' Shell32.dll,Control_RunDLL /?