Technical Information
- '%WINDIR%\syswow64\regsvr32.exe' -s ..\hdrh.dll
- %HOMEPATH%\hdrh.dll
- <Current directory>\5d631000
- <PATH_SAMPLE>.xls
- 'do###eeder.com':80
- http://do###eeder.com/cgi-bin/xJ91ZttGRioQ7IUL/
- http://www.do###eeder.com/cgi-bin/xJ91ZttGRioQ7IUL/
- DNS ASK do###eeder.com
- '%WINDIR%\syswow64\regsvr32.exe' -s ..\hdrh.dll' (with hidden window)