Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Chrome Security Authority Process ' = '"%APPDATA%\Google\Chrome\lsass.exe"'
- '' (downloaded from the Internet)
- %APPDATA%\Google\Chrome\lsass.exe
- 'wp#d':80
- 'ca####ver.myddns.me':80
- 'localhost':1040
- '74.##5.232.51':443
- http://11#.#11.111.1/wpad.dat via wp#d
- http://ca####ver.myddns.me/flower/files/cli.exe
- DNS ASK wp#d
- DNS ASK ca####ver.myddns.me
- DNS ASK drive.google.com
- ClassName: '' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- '%APPDATA%\Google\Chrome\lsass.exe'
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -nohome