Technical Information
- [<HKCU>\software\microsoft\windows\currentversion\run] 'azoz' = '<Full path to file>'
- [<HKCU>\software\microsoft\windows\currentversion\run] 'azoz' = '%APPDATA%\Microsoft\svchost.exe'
- %APPDATA%\microsoft\svchost.exe
- %TEMP%\melt.txt
- DNS ASK Ho####r.no-ip.org
- '%APPDATA%\microsoft\svchost.exe'