Technical Information
- [\REGISTRY\USER\S-1-5-21-1238866942-1249195528-555854008-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1400' = '00000003'
- [\REGISTRY\USER\S-1-5-21-1238866942-1249195528-555854008-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1C00' = '00000000'
- %WINDIR%\syswow64\config\fl1706stsfzr.pps
- %WINDIR%\syswow64\config\fl1706stsfzr.bat
- %WINDIR%\syswow64\config\fl1706stsfzr.exe
- '34.##9.100.209':443
- '34.##7.121.53':443
- DNS ASK ke###arato.com
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- '%WINDIR%\syswow64\config\fl1706stsfzr.exe'
- '%WINDIR%\syswow64\cmd.exe' /c ""<SYSTEM32>\config\fl1706stsfzr.bat" "
- '%ProgramFiles%\microsoft office\office14\powerpnt.exe' /s "<SYSTEM32>\config\fl1706stsfzr.pps"