Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\DllRemoteLoader] 'ImagePath' = '"<Full path to file>" /sercice'
- [<HKLM>\SYSTEM\ControlSet001\Services\DllRemoteLoader] 'Start' = '00000002'
- '<Full path to file>' Arnoldova_Ekaterina
- '<Full path to file>' /sercice