Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\Windows Update.lnk
- '' (downloaded from the Internet)
- %HOMEPATH%\My Documents\OracleVM.exe
- from <Full path to file> to %HOMEPATH%\My Documents\<File name>.exe
- 'te##ep.com':80
- http://te##ep.com/hinhanh/x.exe
- DNS ASK te##ep.com
- '%HOMEPATH%\My Documents\<File name>.exe'
- '%HOMEPATH%\My Documents\OracleVM.exe'