Technical Information
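- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MSConfig' = '"%HOMEPATH%\lydqvibj.exe"' (per-user autorun entry: the value carries the name of the Windows MSConfig utility, but it launches the executable in the user's home directory at each logon)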
- %WINDIR%\syswow64\svchost.exe
- %HOMEPATH%\lydqvibj.exe
- %TEMP%\7233.bat
- %HOMEPATH%\lydqvibj.exe
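- 'mi##########m.mail.protection.outlook.com':25 (SMTP; the # characters appear to be masking applied by this report. The host sits under Microsoft's shared mail.protection.outlook.com domain, so the detection signal is a non-mail process on a workstation connecting out on port 25, not the domain itself)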
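- '91.##8.38.211':443 (the address appears to be partially masked in this report, so it cannot be used as written in a blocklist or a log search)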
- DNS ASK mi##########m.mail.protection.outlook.com
- '%HOMEPATH%\lydqvibj.exe'
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\7233.bat" "' (with hidden window)
- '%WINDIR%\syswow64\svchost.exe'
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\7233.bat" "