Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'DNF' = 'C:\FUCKUYOU360NOD329.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '1232' = 'C:\FUCKUYOU360NOD329.exe'
- '<SYSTEM32>\cmd.exe' /c Attrib +s +a +h +r C:\FUCKUYOU360NOD329.exe
- '<SYSTEM32>\attrib.exe' +s +a +h +r C:\FUCKUYOU360NOD329.exe
- 'C:\FUCKUYOU360NOD329.exe' /S
- '<SYSTEM32>\cmd.exe' /c del /q "<Full path to file>"
- C:\FUCKUYOU360NOD329.exe
- C:\FUCKUYOU360NOD329.exe
- '<L###LNET>.0.2':0