Technical Information
- [<HKLM>\System\CurrentControlSet\Services\luafv] 'Start' = '00000001'
- Windows Security Center
- Windows Action Center
- %ALLUSERSPROFILE%\f4d55f6b0000a21b0004ddabb4eb2331\f4d55f6b0000a21b0004ddabb4eb2331.exe
- %ALLUSERSPROFILE%\f4d55f6b0000a21b0004ddabb4eb2331\f4d55f6b0000a21b0004ddabb4eb2331
- 'localhost':50945
- 'localhost':60543
- '%ALLUSERSPROFILE%\f4d55f6b0000a21b0004ddabb4eb2331\f4d55f6b0000a21b0004ddabb4eb2331.exe' "<Full path to file>"