Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HOST PROCESS FOR WINDOWS TASKS' = '%APPDATA%\Microsoft\taskhostw.exe'
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'HOST PROCESS FOR WINDOWS TASKS' = '%APPDATA%\Microsoft\taskhostw.exe'
- %APPDATA%\microsoft\taskhostw.exe
- %APPDATA%\microsoft\taskhostw.exe
- '19#.#7.203.192':80
- '%APPDATA%\microsoft\taskhostw.exe'