Technical Information
- [<HKLM>\System\CurrentControlSet\Services\ufad-dns60] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\ufad-dns60] 'ImagePath' = '<SYSTEM32>\svchost.exe -k ufad-dns60'
- [<HKLM>\SYSTEM\CurrentControlSet\Services\ufad-dns60\Parameters] 'ServiceDll' = '<SYSTEM32>\dmybFVycNLWWuAl.dll'
- from <Full path to file> to %WINDIR%\syswow64\dmybfvycnlwwual.dll
- 'x9####0.gicp.net':8384
- DNS ASK x9####0.gicp.net
- '%WINDIR%\syswow64\svchost.exe' -k ufad-dns60