Technical Information
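Autorun registry values (Run and RunOnce entries start the referenced executable at logon; the Wow6432Node path is the 32-bit registry view on 64-bit Windows):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Java Update Scheduler' = '%ALLUSERSPROFILE%\Java\javaw.exe'
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'UDP Subsystem' = '%ProgramFiles(x86)%\UDP Subsystem\udpss.exe'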
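File system paths (several names resemble legitimate Windows and Java binaries but sit under %TEMP% and %ALLUSERSPROFILE%, so match on the full path rather than the file name alone):
- %TEMP%\runtime broker.exe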
- %TEMP%\javauw.exe
- %ALLUSERSPROFILE%\java\javaw.exe
- %TEMP%\runtimebroker.exe
- %APPDATA%\36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee\run.dat
- %ProgramFiles(x86)%\udp subsystem\udpss.exe
- %TEMP%\runtime broker.exe
- %TEMP%\javauw.exe
- %ALLUSERSPROFILE%\java\javaw.exe
- %TEMP%\runtimebroker.exe
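Network activity (the microsoft.com certificate URL and DNS query are legitimate endpoints and are not distinguishing indicators on their own; the '#' characters appear to mask parts of the other hostnames):
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- DNS ASK cd#.##scordapp.com
- DNS ASK microsoft.com
- DNS ASK na####ay.ddns.net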
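Executed commands (as listed; the trailing 732 on the last entry is a command-line argument whose meaning is not given here):
- '%TEMP%\runtime broker.exe'
- '%TEMP%\javauw.exe'
- '%ALLUSERSPROFILE%\java\javaw.exe'
- '%TEMP%\runtimebroker.exe'
- '%ALLUSERSPROFILE%\java\javaw.exe' 732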