Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'serial' = 'c:\tempa\wininiti.exe'
- '%TEMP%\taskmgr.exe'
- taskmgr.exe
- %TEMP%\eSPJcYv
- %TEMP%\taskmgr.exe
- 'cl####0.duckdns.org':5052
- DNS ASK cl####0.duckdns.org
- ClassName: 'ConsoleWindowClass' WindowName: ''