Technical Information
- [HKLM\System\CurrentControlSet\Services\ialdnwxf] 'ImagePath' = '<Current directory>\superec.ProcessMemory.sys'
- 'ialdnwxf' <Current directory>\superec.ProcessMemory.sys
- <Current directory>\superec.processmemory.sys
- %WINDIR%\temp\udd1600.tmp
- %WINDIR%\temp\udd1600.tmp
- <Current directory>\superec.processmemory.sys
- 'n8##.com':80
- http://www.n8##.com/
- DNS ASK sc#o.so
- DNS ASK 66##g.com
- DNS ASK n8##.com