Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'wFastlySystemService.exe' = '<LS_APPDATA>\MicrosoftTools\wFastlySystemService.exe'
- User Account Control (UAC)
- <LS_APPDATA>\microsofttools\wfastlysystemservice.exe
- '<LS_APPDATA>\microsofttools\wfastlysystemservice.exe'
- '<SYSTEM32>\cmd.exe' /c mkdir <LS_APPDATA>\MicrosoftTools' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c copy <Full path to file> <LS_APPDATA>\MicrosoftTools\wFastlySystemService.exe' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c start <LS_APPDATA>\MicrosoftTools\wFastlySystemService.exe' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c mkdir <LS_APPDATA>\MicrosoftTools
- '<SYSTEM32>\cmd.exe' /c copy <Full path to file> <LS_APPDATA>\MicrosoftTools\wFastlySystemService.exe
- '<SYSTEM32>\cmd.exe' /c start <LS_APPDATA>\MicrosoftTools\wFastlySystemService.exe