Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\wininfo.exe] 'Start' = '00000002'
- <SYSTEM32>\wininfo.exe /s /p 27016 /i
- <SYSTEM32>\wininfo.exe
- 'it####syouall.com':80
- it####syouall.com/flickr/ini/?a=#######
- DNS ASK it####syouall.com
- '<Private IP address>':1036
- '<Private IP address>':1035