Technical Information
- [<HKLM>\System\CurrentControlSet\Services\VeryTired] 'ImagePath' = '%WINDIR%\SysWOW64\Proxy64.sys'
- 'VeryTired' %WINDIR%\SysWOW64\Proxy64.sys
- <Current directory>\hookproxy.dll
- %WINDIR%\syswow64\proxy64.sys
- ctrlsmverytired
- %WINDIR%\temp\udd479a.tmp
- %WINDIR%\temp\udd479a.tmp
- '52##.net':443
- 'st#####.##gitalcertvalidation.com':80
- 'ap##.bdimg.com':443
- '52##.net':443
- 'ap##.bdimg.com':443
- DNS ASK 52##.net
- DNS ASK st#####.##gitalcertvalidation.com
- DNS ASK microsoft.com
- DNS ASK ap##.bdimg.com
- ClassName: 'DDEMLMom' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''