Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Plat' = '<SYSTEM32>\rundll32.exe "%ProgramFiles%\txaaydyus\ecrjbcqjp.dll",SetModule'
- %TEMP%\krbhxeesr.exe
- %ProgramFiles%\txaaydyus\ecrjbcqjp.dll
- C:\1.txt
- %TEMP%\krbhxeesr.exe
- '10#.#63.43.246':12388
- '10#.#63.43.243':10289
- DNS ASK ho###23.zz.am
- '%TEMP%\krbhxeesr.exe' "<Full path to file>"
- '<SYSTEM32>\cmd.exe' /c ping 127.0.0.1 -n 2&%TEMP%\\krbhxeesr.exe "<Full path to file>" (with hidden window)
- '<SYSTEM32>\cmd.exe' /c ping 127.0.0.1 -n 2&%TEMP%\\krbhxeesr.exe "<Full path to file>"
- '<SYSTEM32>\ping.exe' 127.0.0.1 -n 2
- '<SYSTEM32>\rundll32.exe' "%ProgramFiles%\txaaydyus\ecrjbcqjp.dll",SetModule %TEMP%\krbhxeesr.exe