Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Agent' = '<Full path to file>'
- [<HKLM>\SYSTEM\ControlSet001\Services\Service] 'ImagePath' = '<Full path to file>'
- [<HKLM>\SYSTEM\ControlSet001\Services\Service] 'Start' = '00000002'
- '37.##.129.122':80
- http://37.##.129.122/fortest/activation.php?ke##################################################################################################################################################
- '<Full path to file>'