Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{XSHIIFT4-110131-DZOPPM-DZOPPM148K}' = '"%TEMP%\svchot.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{XSHIIFT4-110131-DZOPPM-DZOPPM148K}' = '"<Full path to file>" ..'
- User Account Control (UAC)
- '%TEMP%\svchot.exe'
- %TEMP%\svchot.exe
- %TEMP%\svchot.exe
- <Full path to file>
- 'mi#####dia.sytes.net':56351
- '13#.#9.32.200':1820
- DNS ASK mi#####dia.sytes.net