Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'adobeflash' = '%APPDATA%\Microsoft\svchost.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'adobeflash' = '<Full path to file>'
- %TEMP%\melt.txt
- %APPDATA%\Microsoft\svchost.exe
- <Full path to file>
- 'h9#.#dns.net':90
- DNS ASK h9#.#dns.net
- '%APPDATA%\Microsoft\svchost.exe'