Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Registry Driver' = '%APPDATA%\regdrv.exe'
- %APPDATA%\regdrv.exe
- 'er##e.ru':80
- DNS ASK er##e.ru
- '<Private IP address>':1036
- ClassName: 'Indicator' WindowName: ''