Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'windows defender' = '<Full path to file>'
- %APPDATA%\microsoft\windows\start menu\programs\startup\windows defender.exe
- 'fa####u.myq-see.com':3333
- DNS ASK fa####u.myq-see.com