Technical Information
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'yckhd' = 'C:\360Micn.exe'
- %APPDATA%\microsoft\windows\start menu\programs\startup\yckhd.lnk
- <Current directory>\29522.exe
- <Current directory>\14603.ico
- C:\360micn.exe
- '<LOCALNET>.73.53':0
- DNS ASK 42####914s.zicp.vip
- '<Current directory>\29522.exe'
- 'C:\360micn.exe'