Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ϵͳÊäÈë·¨' = '%ProgramFiles%\Msna\njxof14444.exe'
- %WINDIR%\syswow64\odbcad32.exe
- http://www.23###iasu.com/abc8.dll
- DNS ASK 23###iasu.com
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'WorkerW' WindowName: ''
- ClassName: 'ReBarWindow32' WindowName: ''
- ClassName: 'Address Band Root' WindowName: ''
- ClassName: 'Edit' WindowName: ''
- '%WINDIR%\syswow64\odbcad32.exe' ' (with hidden window)
- '%WINDIR%\syswow64\odbcad32.exe'