Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\] 'NetWire' = '%APPDATA%\Install\Host.exe'
- host.exe
- %APPDATA%\install\host.exe
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\metadata\f0accf77cdcbff39f6191887f6d2d357
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\content\f0accf77cdcbff39f6191887f6d2d357
- 'gr####8.duckdns.org':3372
- 'on####ve.live.com':443
- 'o6####.#b.files.1drv.com':443
- DNS ASK on####ve.live.com
- DNS ASK o6####.#b.files.1drv.com
- DNS ASK gr####8.duckdns.org
- '%APPDATA%\install\host.exe'