Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'f2f0fbfaf1e8e5b1fae7fa' = '%HOMEPATH%\enwz.exe'
- from <Full path to virus> to %HOMEPATH%\enwz.exe
- DNS ASK ap##.#oreasys1.com
- DNS ASK px.###easys1.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: ''