Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'taskhost' = '%WINDIR%\taskhost.exe'
- %APPDATA%\WUDFdrv.exe
- %WINDIR%\taskhost.exe
- 'ma#.#aver.com':443
- DNS ASK ma#.#aver.com
- '<SYSTEM32>\cmd.exe' /C "netsh advfirewall firewall show rule name=\"taskhost\""
- '<SYSTEM32>\netsh.exe' advfirewall firewall show rule name=\"taskhost\"
- '<SYSTEM32>\cmd.exe' /Q /C reg add "HKCU\Software\Basic Softworks" /f
- '<SYSTEM32>\reg.exe' add "HKCU\Software\Basic Softworks" /f