Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Explorer' = '%APPDATA%\svchost.exe'
- '%APPDATA%\svchost.exe'
- %APPDATA%\svchost.exe
- 'p.####k.cloudns.in':443
- 'ba####.#lanna.cloudns.biz':443
- DNS ASK p.####k.cloudns.in
- DNS ASK ba####.#lanna.cloudns.biz
- ClassName: 'Indicator' WindowName: '(null)'