Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '4364564' = '%PROGRAMDATA%\DOBBY INSTALLATION DIRECTORY\DOBBYSERVER.EXE'
- %WINDIR%\explorer.exe
- %PROGRAMDATA%\dobby installation directory\dobbyserver.exe
- %TEMP%\{b2e46fd4-fc1a-40e1-a88b-946234ecd5e8}
- %TEMP%\{b2e46fd4-fc1a-40e1-a88b-946234ecd5e8}
- %TEMP%\{b2e46fd4-fc1a-40e1-a88b-946234ecd5e8}
- '19#.#50.242.255':5555
- '<SYSTEM32>\svchost.exe'
- '%WINDIR%\explorer.exe'