Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Locker' = '%WINDIR%\Temp\GSC_Locker.exe'
- '%ProgramFiles(x86)%\internet explorer\iexplore.exe' http://12#.#54.215.97/upfolder/Mail_Template_Img/alert_pop.png
- %WINDIR%\temp\gsc_locker.exe
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012021060820210609\index.dat
- %WINDIR%\temp\test.txt
- '12#.#54.215.97':80
- http://12#.#54.215.97/GSC_Locker.exe
- http://12#.#54.215.97/favicon.ico
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%WINDIR%\temp\gsc_locker.exe'