Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'Computer Helper' = '"%PROGRAMDATA%\252626\helper.exe" -a /a'
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Computer Helper' = '"%PROGRAMDATA%\252626\helper.exe" -a /a'
- %PROGRAMDATA%\72f119bc42cffc0cf98255ae1af418af64295b4a
- %PROGRAMDATA%\252626\helper.exe
- %PROGRAMDATA%\72f119bc42cffc0cf98255ae1af418af64295b4a
- '<LOCALNET>.0.81':1605
- DNS ASK fr######12345.DUCKDNS.ORG