Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'e123e5bf-c44e-4a35-8ef5-3fda6f2e11eb' = 'rundll32 shell32.dll,ShellExec_RunDLL "%LOCALAPPDATA%\MICROS~1\Windows\6E2AC4~1\CBAF0A~1.EXE"'
- %WINDIR%\syswow64\rundll32.exe
- %LOCALAPPDATA%low\microsoft\windows\appcache\jf1afb4a\container.dat
- %LOCALAPPDATA%\microsoft\windows\6e2ac447-e0cf-46ec-ae30-418fb6c5025e\cbaf0a1e-162a-4824-98e0-7ac4903e4394.exe
- 'google.com':443
- DNS ASK google.com
- '%WINDIR%\syswow64\rundll32.exe'