Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'F4D55F6B0000A21B0005E275B4EB2331' = '%ALLUSERSPROFILE%\F4D55F6B0000A21B0005E275B4EB2331\F4D55F6B0000A21B0005E275B4EB2331.exe'
- [<HKLM>\System\CurrentControlSet\Services\luafv] 'Start' = '00000001'
- Windows Update
- Windows Security Center
- Windows Defender
- Windows Action Center
- %ALLUSERSPROFILE%\f4d55f6b0000a21b0005e275b4eb2331\f4d55f6b0000a21b0005e275b4eb2331.exe
- %ALLUSERSPROFILE%\f4d55f6b0000a21b0005e275b4eb2331\f4d55f6b0000a21b0005e275b4eb2331
- '11#.#21.178.189':80
- http://11#.#21.178.189/api/urls/?ts#####################
- '%ALLUSERSPROFILE%\f4d55f6b0000a21b0005e275b4eb2331\f4d55f6b0000a21b0005e275b4eb2331.exe' "<Full path to file>"