Technical Information
- %PROGRAMDATA%\0
- %PROGRAMDATA%\c15258d953\aumnq.exe
- '255.255.255.255':80
- DNS ASK ro####ownbab.com
- DNS ASK ve###tarab.ru
- DNS ASK ra####rtoldhis.ru
- '%PROGRAMDATA%\c15258d953\aumnq.exe'
- '%WINDIR%\syswow64\reg.exe' ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d %PROGRAMDATA%\c15258d953