Technical Information
- [<HKLM>\SYSTEM\CurrentControlSet\Services\uynwi] 'ImagePath' = '%TEMP%\8b84fdb0d6b0bd60822d60bbb462bfb6\<File name>.sys'
- [<HKLM>\System\CurrentControlSet\Services\{45487F67-EC9F-4449-A6F2-2D0970F9B80B}] 'Start' = '00000000'
- [<HKLM>\System\CurrentControlSet\Services\{45487F67-EC9F-4449-A6F2-2D0970F9B80B}] 'ImagePath' = 'system32\drivers\Wdf45697.sys'
- 'uynwi' %TEMP%\8b84fdb0d6b0bd60822d60bbb462bfb6\<File name>.sys
- %TEMP%\8b84fdb0d6b0bd60822d60bbb462bfb6\<File name>.sys
- http://x5.##tocz.com/000/0008
- http://s1.##tocz.com/qzy425za4zb10a0p8frrh94
- http://s1.##tocz.com/40ev3mjzz2653slmi4zwza
- DNS ASK ip###ger.org
- DNS ASK s1.##tocz.com
- DNS ASK x5.##tocz.com
- '<Full path to file>' (with hidden window)