Technical Information
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'Nvidia Driver' = '%APPDATA%\Microsoft\Windows\Start Menu\nvdisp.exe'
- firefox.exe
- iexplore.exe
- %APPDATA%\microsoft\windows\start menu\nvacvrc.exe
- %APPDATA%\microsoft\windows\start menu\nvdisp.exe
- http://h1.##pway.com/lolnudes/send.txt
- DNS ASK h1.##pway.com
- '%APPDATA%\microsoft\windows\start menu\nvacvrc.exe'