Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Dumper Host' = 'rundll32.exe "%TEMP%\winbdm.dll", DepCmd'
- Handler for all processes: %TEMP%\winbdm.dll
- %TEMP%\winbdm.dll
- '89.##9.228.199':81
- '%WINDIR%\syswow64\rundll32.exe' "%TEMP%\winbdm.dll", DepCmd