Technical Information
- [<HKCU>\software\Microsoft\Windows\CurrentVersion\Run] '22KPI4N5EZOD' = '<SYSTEM32>\cmd.exe /k cd\ & cd 22KPI4N5EZOD & 22KPI4N5EZOD.exe'
- C:\users\public\documents\22kpi4n5ezod_22kpi4n5ezod_22kpi4n5ezod.zip
- C:\22kpi4~1\a.png
- http://ti###.servebeer.com/mdl/img.jpg
- DNS ASK ti###.servebeer.com