Technical Information
- [<HKLM>\System\CurrentControlSet\Services\mfc110jpn] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\mfc110jpn] 'ImagePath' = '"%WINDIR%\SysWOW64\qmgrprxy\mfc110jpn.exe"'
- 'mfc110jpn' "%WINDIR%\SysWOW64\qmgrprxy\mfc110jpn.exe"
- 'mfc110jpn' %WINDIR%\SysWOW64\qmgrprxy\mfc110jpn.exe
- from <Full path to file> to %WINDIR%\syswow64\qmgrprxy\mfc110jpn.exe
- '47.##.140.164':80
- http://47.##.140.164/NN8xI1P94Ae7GG4G0a/rjWIzP/KzgDK5/f0V1cPQIavTTgNf/FO9NIviFrL8eYBDUIcm/