Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\WinHttpsAutoProxySvc] 'ImagePath' = '<Full path to file> -s'
- [<HKLM>\SYSTEM\ControlSet001\Services\WinHttpsAutoProxySvc] 'Start' = '00000002'
- %WINDIR%\Temp\host.exe
- 'mo###ohash.com':80
- DNS ASK mo###ohash.com
- '%WINDIR%\Temp\host.exe'
- '<Full path to file>' -s
- '<SYSTEM32>\sc.exe' description WinHttpsAutoProxySvc "WinHTTP implements the client HTTP stack and provides developers with a Win32 API and COM Automation component for sending HTTP requests and receiving response...