Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WinResSync' = '<SYSTEM32>\regsvr32.exe /s "<Full path to file>"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'WinResSync' = '<SYSTEM32>\regsvr32.exe /s "<Full path to file>"'
- iexplore.exe
- <PATH_SAMPLE>.tpl
- '21#.#.242.72':443
- '21#.#.242.52':443
- DNS ASK ak######nmjje.appsync.space