Technical Information
- %WINDIR%\syswow64\regsvr32.exe
- %APPDATA%\heartb.dll
- 'ma######lexis.duckdns.org':4047
- 'ge###ugin.net':80
- http://ge###ugin.net/json.gp
- DNS ASK ma######lexis.duckdns.org
- DNS ASK ge###ugin.net
- '%WINDIR%\syswow64\regsvr32.exe'
- '%WINDIR%\syswow64\cmd.exe' /C reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "*Chrome" /t REG_SZ /d "rundll32.exe %APPDATA%\HEARTB.dll",EntryPoint /f & exit
- '%WINDIR%\syswow64\reg.exe' add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "*Chrome" /t REG_SZ /d "rundll32.exe %APPDATA%\HEARTB.dll",EntryPoint /f