Technical Information
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = ''
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Trojanskull.Virus' = '<Full path to file>'
- Windows Task Manager (Taskmgr)
- %HOMEPATH%\desktop\deathdeathdeathdeathdeath.png
- %HOMEPATH%\desktop\17.png
- %HOMEPATH%\desktop\16.png
- %HOMEPATH%\desktop\15.png
- %HOMEPATH%\desktop\14.png
- %HOMEPATH%\desktop\13.png
- %HOMEPATH%\desktop\12.png
- %HOMEPATH%\desktop\11.png
- %HOMEPATH%\desktop\10.png
- %HOMEPATH%\desktop\18.png
- %HOMEPATH%\desktop\9.png
- %HOMEPATH%\desktop\7.png
- %HOMEPATH%\desktop\6.png
- %HOMEPATH%\desktop\5.png
- %HOMEPATH%\desktop\4.png
- %HOMEPATH%\desktop\3.png
- %HOMEPATH%\desktop\2.png
- %HOMEPATH%\desktop\1.png
- %HOMEPATH%\desktop\0.png
- %HOMEPATH%\desktop\8.png
- %HOMEPATH%\desktop\19.png
- 'do######853.mediafire.com':443
- 'microsoft.com':80
- 'me###fire.com':80
- 'do######853.mediafire.com':443
- DNS ASK do######853.mediafire.com
- DNS ASK microsoft.com
- DNS ASK me###fire.com