Technical Information
- [<HKCU>\software\microsoft\windows\currentversion\run] '{UE1TXRX8-7858-ALG1DY-ALG1DYD8C9}' = '"<Full path to file>" ..'
- [<HKCU>\software\microsoft\windows\currentversion\run] '{UE1TXRX8-7858-ALG1DY-ALG1DYD8C9}' = '"%TEMP%\Winstep SpeedLaunch.exe" ..'
- winstep speedlaunch.exe
- %TEMP%\winstep speedlaunch.exe
- 'Mj#####82.portmap.io':49682
- DNS ASK mi#####dia.sytes.net
- DNS ASK Mj#####82.portmap.io
- '%TEMP%\winstep speedlaunch.exe'