Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '<File name>' = 'regsvr32.exe "<Full path to file>"'
- <SYSTEM32>\wudfhost.exe
- iexplore.exe process, crypt32.dll module
- firefox.exe process, advapi32.dll module
- iexplore.exe process, wininet.dll module
- iexplore.exe process, advapi32.dll module
- firefox.exe process, nss3.dll module
- firefox.exe process, crypt32.dll module
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '2500' = '00000003'