Technical Information
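- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'explorer.exe,"%APPDATA%\Microsoft\Windows\Start Menu\Programs\Mozilla\Dependencies.exe",' (autorun: every entry in the Winlogon 'Shell' value is started at user logon, so the path added after explorer.exe is the sample's persistence mechanism; a per-user 'Shell' value that names anything besides explorer.exe is worth alerting on)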
- regasm.exe
- %TEMP%\lopfncocpdripscript.exe
- %TEMP%\kypgdzwxpgepxvqpkkcvjem.vbs
- %APPDATA%\microsoft\windows\start menu\programs\mozilla\dependencies.exe
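- %TEMP%\regasm.exe (the genuine RegAsm.exe ships in the .NET Framework directory under %WINDIR%\Microsoft.NET, so a file with this name in %TEMP% is an indicator in itself)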
- 'se####.twitter.com':80
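- 'hy######etworks.duckdns.org':6969 (host name partially masked in the source; duckdns.org is a dynamic-DNS provider, so the address behind it can change and a block on the resolved IP alone will not hold)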
- http://se####.twitter.com/search.atom?&q######
- 'hy######etworks.duckdns.org':6969
- DNS ASK se####.twitter.com
- DNS ASK hy######etworks.duckdns.org
- '%WINDIR%\syswow64\wscript.exe' "%TEMP%\Kypgdzwxpgepxvqpkkcvjem.vbs"
- '%TEMP%\regasm.exe'
- '%TEMP%\lopfncocpdripscript.exe'