Technical Information
- [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'IYUOI78234gh' = '"%ProgramFiles(x86)%\IYUOI78234gh\IYUOI78234gh.exe"'
- %ProgramFiles(x86)%\iyuoi78234gh\iyuoi78234gh.exe
- %ProgramFiles(x86)%\iyuoi78234gh\iyuoi78234gh.txt
- %ProgramFiles(x86)%\iyuoi78234gh\rainmeter.dll
- %LOCALAPPDATA%\178bfbff000306f2
- %ProgramFiles(x86)%\iyuoi78234gh\key
- '43.##4.155.200':8080
- '43.##4.155.200':12345
- http://43.###.155.200:8080/9x.dll via 43.##4.155.200
- ClassName: 'EDIT' WindowName: ''
- '%ProgramFiles(x86)%\iyuoi78234gh\iyuoi78234gh.exe'