Technical Information
- %WINDIR%\microsoft.net\framework\v4.0.30319\regasm.exe
- %WINDIR%\microsoft.net\framework\v4.0.30319\regasm.exe
- http://ra##modu.ga/~zadmin/iclient/eg_uPPQFSNKUy176.bin
- DNS ASK ra##modu.ga
- '%WINDIR%\microsoft.net\framework\v4.0.30319\regasm.exe' ' (with hidden window)
- '%WINDIR%\microsoft.net\framework\v4.0.30319\regasm.exe'