Technical Information
- %WINDIR%\tasks\{35dc3473-a719-4d14-b7c1-fd326ca84a0c}.job
- <SYSTEM32>\tasks\{35dc3473-a719-4d14-b7c1-fd326ca84a0c}
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\] '1601' = '00000000'
- %WINDIR%\htymya.exe
- %WINDIR%\tasks\{35dc3473-a719-4d14-b7c1-fd326ca84a0c}.job
- http://pr##ca.com/ad_type.php?a=############################################################
- DNS ASK yf##g.com
- DNS ASK uc#z.ru
- DNS ASK pr##ca.com
- '%WINDIR%\htymya.exe'