Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Hyox' = 'regsvr32.exe /s %APPDATA%\Kiax\ahycreak.dll'
- %WINDIR%\syswow64\msiexec.exe
- %APPDATA%\kiax\ahycreak.dll
- 'ds####d9ddksaas.com':443
- DNS ASK ds####d9ddksaas.com
- '%WINDIR%\syswow64\msiexec.exe'