Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Gyneco9' = '%HOMEPATH%\bladderd\Synesi.exe'
- %WINDIR%\microsoft.net\framework\v2.0.50727\regasm.exe
- %HOMEPATH%\bladderd\synesi.exe
- %PROGRAMDATA%\7433cdb324b04dd5e3c3db213381216c7c539baa
- '18#.#65.153.39':5807
- 'on####ve.live.com':443
- 'nx####.#h.files.1drv.com':443
- DNS ASK on####ve.live.com
- DNS ASK nx####.#h.files.1drv.com
- '%WINDIR%\microsoft.net\framework\v2.0.50727\regasm.exe' (with hidden window)
- '%WINDIR%\microsoft.net\framework\v2.0.50727\regasm.exe'