Technical Information
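- Autorun registry value (per-user Run key, launched at each logon of that user): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ReaLLogger' = '%WINDIR%\svhoste.exe' (the file name resembles the legitimate svchost.exe, which resides in %WINDIR%\System32 rather than directly in %WINDIR%)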
- %WINDIR%\svhoste.exe
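- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\vbc.exe (standard path of the .NET Framework 2.0 Visual Basic compiler, a legitimate system file; the heading stating how the sample uses it is not preserved on this page)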
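- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: '' (window class of Sysinternals Process Monitor)
- ClassName: 'gdkWindowToplevel' WindowName: 'The Wireshark Network Analyzer' (main window of Wireshark; lookups for analysis-tool windows such as these two are commonly a check for a monitored environment)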
- %TEMP%\serie.exe
- %WINDIR%\svhoste.exe
- %TEMP%\AStealer Mod Spyjohn.exe
- %TEMP%\vmhoc.exe
- %WINDIR%\svhoste.exe
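- Network endpoint (host:port): 'gr###.dax.ru':21 (port 21 is the standard FTP control port; the host name is partly masked in the source)
- DNS query: gr###.dax.ru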
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'PROCEXPL' WindowName: '' (window class of Sysinternals Process Explorer)
- ClassName: 'Shell_TrayWnd' WindowName: '' (window class of the Windows taskbar)