Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MSConfig' = '"%HOMEPATH%\zduycotv.exe"'
- %WINDIR%\syswow64\svchost.exe
- %HOMEPATH%\zduycotv.exe
- %HOMEPATH%\zduycotv.exe
- 'mi##########m.mail.protection.outlook.com':25
- '11#.#21.193.242':443
- DNS ASK mi##########m.mail.protection.outlook.com
- '%HOMEPATH%\zduycotv.exe' /d"<Full path to file>"
- '%WINDIR%\syswow64\svchost.exe'