Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Wudfsvc32' = '%APPDATA%\Wudfsvc.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Wudfsvc32' = '<Full path to file>'
- %TEMP%\2.tmp
- %APPDATA%\Wudfsvc.exe
- %TEMP%\1.tmp
- %APPDATA%\Wudfsvc.exe
- %TEMP%\2.tmp
- %APPDATA%\Wudfsvc.exe
- %TEMP%\1.tmp
- <Full path to file>
- 'pa#####ot.wikaba.com':8080
- 'pa#####ot.wikaba.com':443
- 'pa#####ot.wikaba.com':80
- http://pa#####ot.wikaba.com/0000/a145359.asp
- DNS ASK pa#####ot.wikaba.com
- '%APPDATA%\Wudfsvc.exe'