Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Vaccine' = '%WINDIR%\Vaccine.exe'
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\Run] 'Vaccine' = '%WINDIR%\Vaccine.exe'
- %WINDIR%\vaccine.exe
- %WINDIR%\vaccine.exe
- 'as#####1g5a6s1g.co19.kr':400
- DNS ASK as#####1g5a6s1g.co19.kr
- '%WINDIR%\vaccine.exe'