Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Audio Service.exe' = '%APPDATA%\Microsoft\Audio Service.exe'
- %WINDIR%\temp\svhost.exe
- %TEMP%\%tmp%.exe
- %APPDATA%\microsoft\audio service.exe
- %WINDIR%\temp\svhost.exe
- %APPDATA%\microsoft\audio service.exe
- %APPDATA%\microsoft\audio service.exe
- '88.##9.143.215':13337
- '%TEMP%\%tmp%.exe'
- '%APPDATA%\microsoft\audio service.exe'