Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '<Unknown>' = '<Full path to file>'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe,"<Full path to file>"'
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '<File name>.exe' = '<Full path to file>'
- %APPDATA%\microsoft\windows\start menu\programs\startup\<File name>.exe
- http://13#.#25.27.253/base/280EB8FFED243F3BC4CE75C90974A75A.html
- http://13#.#25.27.253/base/49C90D634DCF6715C32A56C54C72DB69.html
- http://13#.#25.27.253/base/808021932403F9C9418BC85C4C808A85.html
- http://13#.#25.27.253/base/60E47C7088E24D2E9C2AC0B477ABFABC.html
- http://13#.#25.27.253/base/E39E5B6825625D3841949D32EC876A74.html
- http://13#.#25.27.253/base/AE9843A9055F76FCCD63AF470208AB4B.html
- http://13#.#25.27.253/base/99C1906C3BDDE3DFEAB6910090F46B1F.html
- http://ch####p.dyndns.org/
- DNS ASK ch####p.dyndns.org
- DNS ASK fr###eoip.app