Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\] 'NetWire' = '%APPDATA%\Install\Host.exe'
- %TEMP%\bob.exe
- %APPDATA%\install\host.exe
- %APPDATA%\36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee\run.dat
- %APPDATA%\36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee\catalog.dat
- %APPDATA%\36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee\storage.dat
- %APPDATA%\36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee\settings.bin
- %APPDATA%\36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee\settings.bak
- %APPDATA%\36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee\settings.bak
- '43.##6.229.43':2030
- '79.##4.225.12':1414
- '%TEMP%\bob.exe'
- '%APPDATA%\install\host.exe'