Technical Information
- Autorun value added under the per-user Run key (value name = data): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Intel Base Drivers x64 v2.8.92' = '%APPDATA%\SearchFilterHost.exe'
- Executes (force-terminates rundll32.exe by image name): '<SYSTEM32>\taskkill.exe' /f /im rundll32.exe
- %TEMP%\7ZipSfx.000\wtrwrs.bat
- %TEMP%\7ZipSfx.000\frost26.dat
- %TEMP%\7ZipSfx.000\settings.dat
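- %APPDATA%\SearchFilterHost.exe (the file name matches the Windows Search component that normally resides in <SYSTEM32>; a copy under %APPDATA% is outside that location)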
- %APPDATA%\settings.dat
- %APPDATA%\RUT_settings\Logs\rms_log_2018-07.html
- %APPDATA%\settings.dat
- %APPDATA%\SearchFilterHost.exe
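- Network endpoint (host:port): 'ru##ls.com':80 (the '#' characters in host names and URLs appear to be masking placeholders from the report rather than literal characters, so these values cannot be matched exactly)
- Network endpoint (host:port): 'yu#.#apto.org':5655
- HTTP request: http://ru##ls.com/utils/inet_id_notify.php?te####
- DNS ASK ru##ls.com (DNS query)
- DNS ASK yu#.#apto.org (DNS query)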
- ClassName: '' WindowName: ''
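- Executes: '%APPDATA%\SearchFilterHost.exe'
- Executes: '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZipSfx.000\wtrwrs.bat" "
- Executes (sets the System, Hidden and Read-only attributes on the file): '<SYSTEM32>\attrib.exe' +s +h +r "%APPDATA%\settings.dat"
- Executes (sets the System, Hidden and Read-only attributes on the file): '<SYSTEM32>\attrib.exe' +s +h +r "%APPDATA%\SearchFilterHost.exe"
- Executes (adds the autorun value; /f overwrites an existing value without prompting): '<SYSTEM32>\reg.exe' add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "Intel Base Drivers x64 v2.8.92" /t REG_SZ /d "%APPDATA%\SearchFilterHost.exe" /f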