Technical Information
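- %APPDATA%\microsoft\windows\start menu\programs\startup\syncdownoptzhostproc.lnk (shortcut in the per-user Startup folder, so it is launched at logon; its base name matches the %PROGRAMDATA%\syncdownoptzhostproc.exe entry below, which is presumably its target)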
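- %WINDIR%\serviceprofiles\localservice\appdata\roaming\microsoft\upnp device host\upnphost\udhisapi.dll (udhisapi.dll is the file name of a Windows UPnP Device Host component; a file at this path is likely a side effect of that service starting rather than a payload drop, so verify its signature before using it as an indicator)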
- %PROGRAMDATA%\guid.bin
- %TEMP%\asala.mp3
- %PROGRAMDATA%\syncdownoptzhostproc.exe
- 'ni####dotson.icu':80
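- http://ni####dotson.icu/debby/weatherford/yortysnr (the #### characters appear to be masking applied in this listing, so the full domain is not given here; the request is plain HTTP on port 80, and the URL path may be more useful than the partial domain when searching proxy logs)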
- DNS ASK ni####dotson.icu
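- '23#.#55.255.250':1900 (masked; the visible octets and port 1900 are consistent with the SSDP/UPnP IPv4 multicast group 239.255.255.250, i.e. local discovery traffic and most likely not a remote C2 endpoint)
- 'ff#2::c':1900 (masked; consistent with the IPv6 link-local SSDP multicast address ff02::c)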
- ClassName: 'WMPlayerApp' WindowName: ''
- ClassName: '\MSITPro::EventQueue' WindowName: ''
- ClassName: 'Type32_Main_Window' WindowName: ''
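- '%ProgramFiles(x86)%\windows media player\wmplayer.exe' /prefetch:6 /Open "%TEMP%\asala.mp3" (opens the %TEMP%\asala.mp3 file listed above in Windows Media Player; possibly a decoy shown to the user, though the listing does not state its purpose)
- '%ProgramFiles(x86)%\windows media player\setup_wm.exe' /SysTrayAndQuit (Windows Media Player first-run setup; likely a side effect of wmplayer.exe being launched for the first time on the analysis system)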