Technical Information
- %WINDIR%\dae889.reg
- %WINDIR%\infosapi.dll
- %WINDIR%\syswow64\wbem\acpi.vxd
- %WINDIR%\system\<File name>.exe
- %WINDIR%\syswow64\wbem\sqm.tmp
- %WINDIR%\dae889.reg
- %WINDIR%\syswow64\wbem\acpi.vxd
- %WINDIR%\syswow64\wbem\sqm.tmp
- %WINDIR%\dae889.reg
- %WINDIR%\syswow64\wbem\acpi.vxd
- %WINDIR%\syswow64\wbem\sqm.tmp
- 'dm####osnos.kit.net':80
- http://www.dm####osnos.kit.net/zzz/images.zip
- DNS query (ASK): dm####osnos.kit.net
- ClassName: 'EA548' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- '%WINDIR%\syswow64\regedit.exe' /s %WINDIR%\DAE889Reg (with hidden window)
- '%WINDIR%\syswow64\regedit.exe' /s %WINDIR%\DAE889Reg