Technical Information
- [<HKLM>\System\CurrentControlSet\Services\Defghi Klmnopqr] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Defghi Klmnopqr] 'ImagePath' = '%WINDIR%\Defghi.exe'
- 'Defghi Klmnopqr' %WINDIR%\Defghi.exe
- %WINDIR%\defghi.exe
- '10#.#22.246.149':8080
- '%WINDIR%\defghi.exe'
- '%WINDIR%\defghi.exe' Win7