Technical Information
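- Autorun (persistence) entry: [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'favcunazvhfe' = '<SYSTEM32>\regsvr32.exe /s "<Full path to file>"' (the /s switch makes regsvr32 register the file silently at each logon)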
- Browser Helper Object registration (the registered module is loaded into Internet Explorer): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E46CE31-C558-BEE3-5F6C-50A3B434F555}]
- %HOMEPATH%\cookies\user@google[1].txt
- %HOMEPATH%\cookies\user@google[2].txt
- %HOMEPATH%\cookies\user@google[1].txt
- 'google.com':80
- 'localhost':5152
- DNS ASK br###ome.biz
- DNS ASK google.com
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''