Technical Information
Autorun entries under the per-user Run key (each value launches the listed file when the user logs on):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Explorer' = '%HOMEPATH%\6e0111de\csrss.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Critical' = '%HOMEPATH%\8bed001e0bcd1\rundll32.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows' = '%HOMEPATH%\smss.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'System' = '%HOMEPATH%\001e0bcd1\lsass.exe'
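File paths (the file names match Windows system binaries, but the files sit under %HOMEPATH% rather than the Windows system directory; that name/location mismatch is the property to check for):
- %HOMEPATH%\6e0111de\csrss.exe
- %HOMEPATH%\8bed001e0bcd1\rundll32.exe
- %HOMEPATH%\001e0bcd1\lsass.exe
- %HOMEPATH%\smss.exe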
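Network activity: connection endpoints (host:port), a requested URL, and DNS queries ('DNS ASK'). The '#' characters appear to be masking applied by the report, not part of the host names:
- 'localhost':1040
- 'ka###to.com.es':80
- ka###to.com.es/a.html
- DNS ASK ba#######a.mygamesonline.org
- DNS ASK ka###to.com.es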
Window classes referenced (class name given, window name empty):
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''