Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'FD2FF318038C671847631' = '%APPDATA%\FD2FF318038C671847631\FD2FF318038C671847631.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '2500' = '00000003'
- %TEMP%\fd2ff318038c671847631
- %APPDATA%\fd2ff318038c671847631\fd2ff318038c671847631.exe
- '<LOCALNET>.10.5':80
- '%APPDATA%\fd2ff318038c671847631\fd2ff318038c671847631.exe'