Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Startup key' = '%TEMP%\subfolder1\filename1.exe'
- ieinstal.exe
- %TEMP%\subfolder1\filename1.exe
- 'aq#.news':443
- 'r3.#.lencr.org':80
- 'microsoft.com':80
- 'Ch####rymalem.com':2020
- 'aq#.news':443
- 'Ch####rymalem.com':2020
- DNS ASK aq#.news
- DNS ASK r3.#.lencr.org
- DNS ASK microsoft.com
- DNS ASK Ch####rymalem.com
- '%ProgramFiles(x86)%\internet explorer\ieinstal.exe'