Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '18.exe' = '%APPDATA%Microsoft\System\Services\18.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'm4L5Hif0' = '%APPDATA%\taskhost.exe'
- %APPDATA%\taskhost.exe
- %APPDATA%microsoft\system\services\18.exe
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012020053120200601\index.dat
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\metadata\f0accf77cdcbff39f6191887f6d2d357
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\content\f0accf77cdcbff39f6191887f6d2d357
- http://www.google.com/
- DNS ASK google.com
- ClassName: 'DDEMLMom' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%APPDATA%\taskhost.exe'