Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Luuhx' = 'regsvr32.exe /s %APPDATA%\Rakis\coid.dll'
- %WINDIR%\syswow64\msiexec.exe
- %APPDATA%\rakis\coid.dll
- 'fq####eas.online':443
- DNS ASK fq####pheas.online
- DNS ASK fq####eas.online
- '%WINDIR%\syswow64\msiexec.exe'