Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AdobeFlashManager' = '%APPDATA%\UpdateAdobeFlash\Windows Update.exe'
- %APPDATA%\isolatedstorage\url.mi0xzmgolf1zrnhiz0whfnzq25wodpoh\identity.dat
- %APPDATA%\updateadobeflash\windows update.exe
- %APPDATA%\isolatedstorage\url.z5aj5lgesp0rb5rddejzcuonufd3q3ek\identity.dat
- '0.###.au.ngrok.io':11922
- '0.###.au.ngrok.io':11922
- DNS ASK 0.###.au.ngrok.io
- '%APPDATA%\updateadobeflash\windows update.exe'
- '%WINDIR%\syswow64\cmd.exe'