Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WindowsUpdater' = '<Current directory>'
- <SYSTEM32>\tasks\utility
- <Full path to file>
- DNS ASK pa###bin.com
- '%WINDIR%\syswow64\schtasks.exe' /Create /SC minute /MO 20 /TN utility /TR <Full path to file>' (with hidden window)
- '%WINDIR%\syswow64\schtasks.exe' /Create /SC minute /MO 20 /TN utility /TR <Full path to file>