Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'NORMALFO' = '%HOMEPATH%\trnefu\Stenstorme.vbs'
- stenstorme.exe
- %HOMEPATH%\trnefu\stenstorme.exe
- %HOMEPATH%\trnefu\stenstorme.vbs
- 'bv####dwsdfxc.ug':6976
- 'drive.google.com':443
- 'do#########ocs.googleusercontent.com':443
- DNS ASK drive.google.com
- DNS ASK do#########ocs.googleusercontent.com
- DNS ASK bv####dwsdfxc.ug
- '%HOMEPATH%\trnefu\stenstorme.exe'