Technical Information
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Load' = '%HOMEPATH%\DBFAGDABFE\FCEAD_CBFC.exe'
- %HOMEPATH%\dbfagdabfe\fcead_cbfc.exe
- %HOMEPATH%\dbfagdabfe\s.txt
- http://an#########transpor.000webhostapp.com/DFGB_CFGCAFCAGC_CDGFCGEEEBGDCABFAAAGAFAFGDBADCG_AAFDAGC.txt
- DNS ASK an#########transpor.000webhostapp.com
- '%HOMEPATH%\dbfagdabfe\fcead_cbfc.exe'