Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Services' = '"%TEMP%\Winservice.exe"'
- hidden files
- %TEMP%\Winservice.exe
- %TEMP%\Winservice.exe
- 'ac#######reaserv.serv-ice.org':80
- ac#######reaserv.serv-ice.org/incl_admin_bot/connect.php
- DNS ASK ac#######reaserv.serv-ice.org
- ClassName: 'Indicator' WindowName: ''