Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'vhostservice' = '<SYSTEM32>\<File name>.exe'
- <SYSTEM32>\<File name>.exe
- 'cl###.kicks-ass.net':4001
- 'cl###.kicks-ass.net':3339
- DNS ASK cl###.kicks-ass.net
- '<SYSTEM32>\<File name>.exe'