Technical Information
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\Run] 'LanguagePack' = '<SYSTEM32>\regsvr32.exe /s "%APPDATA%\Microsoft\Protect\1e44c8-17e8a1-ec5f2060-8dacd0-6db0.mui"'
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'LanguagePack' = '<SYSTEM32>\regsvr32.exe /s "%APPDATA%\Microsoft\Protect\1e44c8-17e8a1-ec5f2060-8dacd0-6db0.mui"'
- <SYSTEM32>\wudfhost.exe
- %APPDATA%\microsoft\protect\1e44c8-17e8a1-ec5f2060-8dacd0-6db0.mui
- %APPDATA%\microsoft\protect\prefhist
- %APPDATA%\microsoft\protect\once
- '62.##2.11.57':993
- '62.##2.11.57':443
- '<SYSTEM32>\regsvr32.exe' /s "%APPDATA%\Microsoft\Protect\1e44c8-17e8a1-ec5f2060-8dacd0-6db0.mui"
- '<SYSTEM32>\regsvr32.exe' /s "%APPDATA%\Microsoft\Protect\\1e44c8-17e8a1-ec5f2060-8dacd0-6db0.mui" 4
- '<SYSTEM32>\regsvr32.exe' /s "%APPDATA%\Microsoft\Protect\\1e44c8-17e8a1-ec5f2060-8dacd0-6db0.mui" 3
- '<SYSTEM32>\regsvr32.exe' /s "%APPDATA%\Microsoft\Protect\\1e44c8-17e8a1-ec5f2060-8dacd0-6db0.mui" 2
- '<SYSTEM32>\regsvr32.exe' /s "%APPDATA%\Microsoft\Protect\\1e44c8-17e8a1-ec5f2060-8dacd0-6db0.mui" 1
- '<SYSTEM32>\regsvr32.exe' /s "%APPDATA%\Microsoft\Protect\\1e44c8-17e8a1-ec5f2060-8dacd0-6db0.mui" 0