Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\TrueSight] 'ImagePath' = '<DRIVERS>\TrueSight.sys'
- %HOMEPATH%\Desktop\RK_Quarantine\Eula.txt
- <DRIVERS>\TrueSight.sys
- 'su####-toile.com':80
- http://www.su####-toile.com/RogueKiller/version.txt via su####-toile.com
- DNS ASK www.su####-toile.com