Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\firifoix.exe
- '%HOMEPATH%\Start Menu\Programs\Startup\firifoix.exe'
- '<SYSTEM32>\schtasks.exe' /create /sc minute /mo 60 /tn Server /tr %HOMEPATH%\Start Menu\Programs\Startup\firifoix.exe
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.new
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.new
- from %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.new to %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch
- from %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.new to %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch
- 'ah####012.dynu.com':1180
- DNS ASK ah####012.dynu.com