Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\svc.exe
- %APPDATA%\svc.exe
- %TEMP%\462855534.jpg
- 'da#####y1.servebeer.com':1789
- 'da#####y5.servebeer.com':1789
- '<LOCALNET>.1.175':1789
- DNS ASK da#####y1.servebeer.com
- DNS ASK da#####y5.servebeer.com
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''
- '%APPDATA%\svc.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen %TEMP%\462855534.jpg