Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'Infium' = '%APPDATA%\Microsoft\agwuevra\gcvertrb.exe'
- %WINDIR%\syswow64\explorer.exe
- %APPDATA%\microsoft\agwuevra\gcvertrb.exe
- http://www.gh##ler.com/
- DNS ASK microsoft.com
- DNS ASK gh##ler.com
- DNS ASK support.microsoft.com
- DNS ASK go.microsoft.com
- DNS ASK msdn.microsoft.com
- DNS ASK vi####studio.com
- DNS ASK si####domain.biz
- '%WINDIR%\syswow64\explorer.exe'