Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Windows 32b' = '<SYSTEM32>\mswin32b.exe'
- <SYSTEM32>\mswin32b.exe
- <Full path to file>
- 'cp####.daemon.sh':6667
- DNS ASK cp####.daemon.sh
- '<SYSTEM32>\mswin32b.exe' <Full path to file>