Technical Information
- %HOMEPATH%\start menu\programs\startup\cdpsvc.url
- <SYSTEM32>\svchost.exe
- %APPDATA%\actxprxy\bcrypt.exe
- %APPDATA%\actxprxy\cdpsvc.vbs
- %APPDATA%\actxprxy\bcrypt.exe
- %APPDATA%\actxprxy\cdpsvc.vbs
- '18#.#44.31.29':1968
- '<SYSTEM32>\svchost.exe'