Technical Information
- %HOMEPATH%\start menu\programs\startup\<File name>.lnk
- %WINDIR%\tasks\bidaily synchronize task.job
- %ALLUSERSPROFILE%\application data\{79525c29-6e5e-46a1-7952-25c296e570a5}\<File name>.exe
- %ALLUSERSPROFILE%\application data\{79525c29-6e5e-46a1-7952-25c296e570a5}\<File name>.dat
- DNS ASK to###itgold.org
- DNS ASK fu####onreader.com
- DNS ASK co#####-captain.info