Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'system runtime' = '%TEMP%\<File name>.exe.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'system runtime32' = '%HOMEPATH%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\<File name>.exe'
- User Account Control (UAC)
- %TEMP%\<File name>.exe.exe
- ClassName: 'ConsoleWindowClass' WindowName: ''