Technical Information
- Registry autorun entry (per-user Run key, started at each logon of that user): [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Flash' = '%APPDATA%\adobeflash_6.exe'
- %APPDATA%\adobeflash_6.exe
- %APPDATA%\rundll52.exe
- %WINDIR%\syswow64\winlogs\winlogs.exe
- %TEMP%\user2.txt
- %TEMP%\user7
- %TEMP%\user8
- %TEMP%\user2.txt
- %TEMP%\user8
- %TEMP%\user7
- %TEMP%\user8
- %TEMP%\user7
- DNS query for no#####unt.no-ip.org (hostname partially masked with '#' in this report; no-ip.org is a dynamic DNS domain)
- '%APPDATA%\rundll52.exe'
- '%WINDIR%\syswow64\winlogs\winlogs.exe'