Technical Information
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] 'IPC Configuration Utility' = 'IPC Configuration Utility'
- %TEMP%\1_dropper_286962.exe
- %TEMP%\2_load.exe
- %TEMP%\wndutl32.dll
- %APPDATA%\~tmp.html
- %APPDATA%\config.cfg
- '%TEMP%\1_dropper_286962.exe'
- '%TEMP%\2_load.exe'
- '%WINDIR%\syswow64\rundll32.exe' %TEMP%\wndutl32.dll,load (with hidden window)
- '%WINDIR%\syswow64\rundll32.exe' %TEMP%\wndutl32.dll,load