Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '456436456234243245' = '%PROGRAMDATA%\LOL DIRECTORY\LOL.EXE'
- %WINDIR%\explorer.exe
- %PROGRAMDATA%\lol directory\lol.exe
- %TEMP%\{bd956651-8038-42c9-b009-a72b6cfa172a}
- %TEMP%\{bd956651-8038-42c9-b009-a72b6cfa172a}
- 'localhost':5555
- '<SYSTEM32>\svchost.exe'
- '%WINDIR%\explorer.exe'