Technical Information
Autorun registry value (per-user Run key, launches at logon):
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'AudioHD' = '%APPDATA%\AudioHDriver\<File name>.exe'
Scheduled task files (the Task Scheduler stores task definitions under <SYSTEM32>\tasks):
- <SYSTEM32>\tasks\windows manager
- <SYSTEM32>\tasks\windows security
- <SYSTEM32>\tasks\sechub
- <SYSTEM32>\tasks\hostapp
Files (this listing does not state whether each was created, modified or deleted):
- <Current directory>\microsoft.win32.taskscheduler.dll
- <Current directory>\jetbrains.annotations.dll
- <Current directory>\jetbrains.annotations.xml
- %APPDATA%\audiohdriver\microsoft.win32.taskscheduler.dll
- %APPDATA%\audiohdriver\jetbrains.annotations.dll
- %APPDATA%\audiohdriver\jetbrains.annotations.xml
File relocated (moved or copied; the destination is the path the 'AudioHD' Run value points to):
- from <Full path to file> to %APPDATA%\audiohdriver\<File name>.exe
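Network connections (host:port; microsoft.com is a legitimate host and is not an indicator on its own):
- 'ip###ger.com':443
- 'ip###ger.org':443
- 'microsoft.com':80
- 'ip###ger.com':443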
DNS queries:
- DNS ASK ga####d9.beget.tech
- DNS ASK ip###ger.com
- DNS ASK ip###ger.org
- DNS ASK microsoft.com
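Process launched (dw20.exe in the .NET Framework directory is the Microsoft error-reporting client, so this most likely records a crash of a .NET process during analysis rather than a payload):
- '%WINDIR%\microsoft.net\framework\v2.0.50727\dw20.exe' -x -s 1472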