Technical Information
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\Run] 'KOJ Start' = '%PROGRAMDATA%\XUDROW\KOJ.exe'
- Handler for all processes: %PROGRAMDATA%\XUDROW\KOJ.01
- Handler for all processes: %PROGRAMDATA%\XUDROW\KOJ.02
- Handler for all processes: %PROGRAMDATA%\XUDROW\KOJ.01
- %PROGRAMDATA%\xudrow\koj.exe
- %PROGRAMDATA%\xudrow\koj.00
- %PROGRAMDATA%\xudrow\koj.01
- %PROGRAMDATA%\xudrow\koj.02
- ClassName: '' WindowName: '64846'
- ClassName: 'NDDEAgnt' WindowName: 'NetDDE Agent'
- ClassName: 'IEFrame' WindowName: ''
- '%PROGRAMDATA%\xudrow\koj.exe'
- '%PROGRAMDATA%\xudrow\koj.exe' ' (with hidden window)