Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'LicensingUI' = '"%APPDATA%\LicensingUI\LicensingUI.exe"'
- <SYSTEM32>\tasks\firefox default browser agent bc9adfeaf540b8eb
- regasm.exe
- %APPDATA%\licensingui\licensingui.exe
- %TEMP%\regasm.exe
- %TEMP%\d8e6.tmp
- %APPDATA%\vjswist
- %APPDATA%\vjswist
- %TEMP%\regasm.exe
- DNS ASK gr###co2020.top
- DNS ASK gr###co2021.top
- DNS ASK gr###co2022.top
- '%TEMP%\regasm.exe'