Technical Information
- [<HKCU>\software\microsoft\windows\currentversion\run] '{9FFVGXCW-948474-9MMBND-9MMBNDJC0G}' = '"<Full path to file>" ..'
- [<HKCU>\software\microsoft\windows\currentversion\run] '{9FFVGXCW-948474-9MMBND-9MMBNDJC0G}' = '"%APPDATA%\Winstep SpeedLaunch.exe" ..'
- winstep speedlaunch.exe
- %APPDATA%\winstep speedlaunch.exe
- 'Mj#####82.portmap.io':49682
- DNS ASK Mj#####82.portmap.io
- DNS ASK mi#####dia.sytes.net
- '%APPDATA%\winstep speedlaunch.exe'