Technical Information
- [<HKLM>\System\CurrentControlSet\Services\WinRing0_1_2_0] 'ImagePath' = '%TEMP%\WinRing0x64.sys'
- 'WinRing0_1_2_0' %TEMP%\WinRing0x64.sys
- %TEMP%\7z.dll
- %WINDIR%\temp\udd1db0.tmp
- %WINDIR%\temp\udd15d3.tmp
- %WINDIR%\temp\udddf5.tmp
- %WINDIR%\temp\udd5f9.tmp
- %TEMP%\nemu-downloader-nine.log
- %TEMP%\aria2c.exe
- %TEMP%\skin.zip
- %TEMP%\winring0.cat
- %TEMP%\winring0x64.cat
- %WINDIR%\temp\udd258e.tmp
- %TEMP%\winring0.inf
- %TEMP%\winring0.sys
- %TEMP%\winring0x64.sys
- %TEMP%\config.ini
- %TEMP%\crashrpt_lang.ini
- %TEMP%\crashrpt1403.dll
- %TEMP%\crashrptprobe1403.dll
- %TEMP%\crashsender1403.exe
- %TEMP%\msvcp140.dll
- %TEMP%\7z.exe
- %TEMP%\winring0x64.inf
- %WINDIR%\temp\udd2d6b.tmp
- %WINDIR%\temp\udd5f9.tmp
- %WINDIR%\temp\udddf5.tmp
- %WINDIR%\temp\udd15d3.tmp
- %WINDIR%\temp\udd1db0.tmp
- %WINDIR%\temp\udd258e.tmp
- %WINDIR%\temp\udd2d6b.tmp
- 'ap#.##muglobal.com':443
- 'x.##2.us':80
- http://x.##2.us/x.cer
- 'ap#.##muglobal.com':443
- DNS ASK ap#.##muglobal.com
- DNS ASK x.##2.us