Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'GlobalFlagimglogs' = '<Current directory>\ssmss.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'GlobalFlagimglog' = '<Current directory>\imglog.exe'
- <SYSTEM32>\logpro2.txt
- <SYSTEM32>\logpro2.txt
- 'lo######inverso.outsys.net':80
- lo######inverso.outsys.net/locadora2/cadastro2.php
- DNS ASK lo######inverso.outsys.net