Technical Information
- [<HKLM>\System\CurrentControlSet\Services\charmap] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\charmap] 'ImagePath' = '"%WINDIR%\SysWOW64\dpapimig\charmap.exe"'
- 'charmap' "%WINDIR%\SysWOW64\dpapimig\charmap.exe"
- 'charmap' %WINDIR%\SysWOW64\dpapimig\charmap.exe
- from <Full path to file> to %WINDIR%\syswow64\dpapimig\charmap.exe
- '21#.#.219.238':80
- '16#.#44.42.60':8080
- http://16#.##4.42.60:8080/xt9rYnv2r3ink/HVsajtBmCJmHk/dDt9aLJf5jHFGs/krEq0/ via 16#.#44.42.60