Technical Information
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] 'service' = '%TEMP%\rad3AEFE.tmp\Readme.exe'
- %TEMP%\rad3aefe.tmp\readme.exe
- '19#.#10.170.51':8443
- '19#.#10.170.51':8443
- '%TEMP%\rad3aefe.tmp\readme.exe'
- '%TEMP%\rad3aefe.tmp\readme.exe' ' (with hidden window)