Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'jcinbqdlsds' = '%APPDATA%\drcdubvx\kgiklftc.exe "%TEMP%\juxqnspxln.exe" %LOCALAPPDATA%�'
- juxqnspxln.exe
- %TEMP%\nsmac75.tmp
- %TEMP%\bnsea.p
- %TEMP%\devqnsn.ego
- %TEMP%\juxqnspxln.exe
- %APPDATA%\drcdubvx\kgiklftc.exe
- %ALLUSERSPROFILE%\remcos\logs.dat
- 're####1.duckdns.org':5890
- 'ge###ugin.net':80
- http://ge###ugin.net/json.gp
- 're####1.duckdns.org':5890
- DNS ASK re####1.duckdns.org
- DNS ASK ge###ugin.net
- '%TEMP%\juxqnspxln.exe' %TEMP%\devqnsn.ego
- '%TEMP%\juxqnspxln.exe'