Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'dosa' = '%ALLUSERSPROFILE%\Application Data\<File name>.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\<File name>.exe
- <Drive name for removable media>:\<File name>.exe
- '%ALLUSERSPROFILE%\Application Data\<File name>.exe'
- %ALLUSERSPROFILE%\Application Data\<File name>.exe
- <Drive name for removable media>:\<File name>.exe
- 'kd#.#yq-see.com':100
- 'localhost':1037
- DNS ASK kd#.#yq-see.com