Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'explorer.exe' = '%APPDATA%\<File name>.exe'
- %WINDIR%\syswow64\dllhost.exe
- %TEMP%\autbd18.tmp
- %TEMP%\ymkgpiwxi.resource
- %APPDATA%\<File name>.exe
- <Full path to file>
- %TEMP%\autbd18.tmp
- http://in###tro.net/cache/lololololololololol/index.php
- DNS ASK in###tro.net
- '%WINDIR%\syswow64\dllhost.exe'