Technical Information
- DNS server to '47.96.6.67'
- DNS server to '119.28.61.212'
- %WINDIR%\was51dd30fbc
- %ALLUSERSPROFILE%\o51dd30fbc
- '%WINDIR%\syswow64\cmd.exe' /c Reg.exe query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" /v DefaultConnectionSettings >%WINDIR%\was51dd30fbc' (with hidden window)
- '%WINDIR%\syswow64\regini.exe' %ALLUSERSPROFILE%\o51dd30fbc' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c Reg.exe query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" /v DefaultConnectionSettings >%WINDIR%\was51dd30fbc
- '%WINDIR%\syswow64\reg.exe' query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" /v DefaultConnectionSettings
- '%WINDIR%\syswow64\regini.exe' %ALLUSERSPROFILE%\o51dd30fbc