Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'DismSvc' = '<Full path to file>'
- %HOMEPATH%\Start Menu\Programs\Startup\WindowUpdate.URL
- %HOMEPATH%\Start Menu\Programs\Startup\Firefox.lnk
- <Full path to file>
- '<LOCALNET>.93.1':6852
- 'c9########ewubz9rbsg.loseyourip.com':6852
- DNS ASK C9########Ewubz9Rbsg.loseyourip.com
- '<SYSTEM32>\schtasks.exe' /create /sc minute /mo 2 /tn "DismSvc23" /tr "<Full path to file>"