Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '34564563465534563456' = '%PROGRAMDATA%\INSTALLATION DIRECTORY\SERVER.EXE'
- %WINDIR%\explorer.exe
- %PROGRAMDATA%\installation directory\server.exe
- %TEMP%\{80f11feb-3648-46b1-9ba2-db238cd728ee}
- %TEMP%\{80f11feb-3648-46b1-9ba2-db238cd728ee}
- '19#.#50.242.255':5555
- '<SYSTEM32>\svchost.exe'
- '%WINDIR%\explorer.exe'