Technical Information
- [HKLM\System\CurrentControlSet\Services\58nv8KcOnlYfub] 'ImagePath' = '%TEMP%\58nv8KcOnlYfubPqRSYW.sys'
- '58nv8KcOnlYfub' %TEMP%\58nv8KcOnlYfubPqRSYW.sys
- %TEMP%\58nv8kconlyfubpqrsyw.sys
- %WINDIR%\temp\udd16ca.tmp
- %WINDIR%\tempxxx
- %WINDIR%\temp\udd16ca.tmp
- '12#.#1.220.8':80
- 'yi##d.cc':13450
- http://ne#######rifly.ntoskr.com:80/verifly?ke############################
- DNS ASK yi##d.cc