Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Registry Driver' = '%APPDATA%\regdrv.exe'
- %APPDATA%\regdrv.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\0a751581d5e1b56c29c213ee06c99419[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\google_add[1].php
- 'y-##dex.ru':80
- y-##dex.ru/0a751581d5e1b56c29c213ee06c99419
- y-##dex.ru/NET/google_add.php?qu################################################
- DNS ASK y-##dex.ru
- '<Private IP address>':1035
- ClassName: 'Indicator' WindowName: ''