Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\BITS] 'Start' = '00000002'
- '<SYSTEM32>\ping.exe' 0.0.0.0 -n 1
- '<SYSTEM32>\cmd.exe' /c ping 0.0.0.0 -n 1 & del "<Full path to file>"
- '<SYSTEM32>\extrac32.exe' "%TEMP%\lnkapamyvddee.dll" "<SYSTEM32>\srvlic.dll"
- %ProgramFiles%\WinZip\ODBC0\mqihdic.onezd
- <SYSTEM32>\srvlic.dll
- %TEMP%\lnkapamyvddee.dll
- ClassName: 'Shell_TrayWnd' WindowName: ''