Technical Information
- <SYSTEM32>\tasks\software\config
- %ALLUSERSPROFILE%\software\config\std.xml
- from <Full path to file> to %ALLUSERSPROFILE%\software\config\dwm.exe
- DNS ASK my####as.giize.com
- DNS ASK cp###plus.com
- '<SYSTEM32>\cmd.exe'
- '<SYSTEM32>\schtasks.exe' /Create /TN "\Software\config" /XML "%ALLUSERSPROFILE%\Software\config\std.xml"