Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HTDZHA' = '"%APPDATA%\Windata\system.exe"'
- %TEMP%\aut47dd.tmp
- %TEMP%\jiebnz.exe
- %APPDATA%\windata\system.exe
- %TEMP%\aut47dd.tmp
- 'ne###n.ddns.net':1337
- DNS ASK ne###n.ddns.net
- '%TEMP%\jiebnz.exe'