Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\6to4] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe -K NETSVCS
- <SYSTEM32>\taskkill.exe /f /t /im RSTray.exe
- %TEMP%\104984_wwhhmm.TEMP
- <SYSTEM32>\6to4System.dll
- 'q6####5.3322.org':8016
- DNS ASK q6####5.3322.org
- '<Private IP address>':1035
- ClassName: '' WindowName: ''