Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'kxetray.exe' = '%ALLUSERSPROFILE%\ЎёїЄКјЎ№ІЛµҐ\ЗїБ¦Р¶ФШµзДФЙПµДИнјю.lnk'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'QQGame' = '<Full path to virus>'
- 'a8#####667.f3322.org':9999
- DNS ASK a8#####667.f3322.org