Technical Information
- %WINDIR%\tasks\absolutekitchen.job
- <SYSTEM32>\tasks\absolutekitchen
- [<HKLM>\System\CurrentControlSet\Services\Happy Hatred] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Happy Hatred] 'ImagePath' = '%APPDATA%\Happy Hatred\Happy Hatred.exe'
- 'Happy Hatred' %APPDATA%\Happy Hatred\Happy Hatred.exe
- %ALLUSERSPROFILE%\{6764b4e1-6637-ad41-6764-4b4e1663d385}\<File name>.exe
- %ALLUSERSPROFILE%\{6764b4e1-6637-ad41-6764-4b4e1663d385}\<File name>.dat
- %APPDATA%\happy hatred\happy hatred.exe
- %APPDATA%\happy hatred\juy.dat
- 'al####el-pro.com':80
- 'ge####ltiple.link':80
- http://ge####ltiple.link/?q=#####################################################################################################################################################################...
- DNS ASK ge####ltiple.link
- DNS ASK al####el-pro.com
- '%APPDATA%\happy hatred\happy hatred.exe'