Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Diss_' = 'wscript "%HOMEPATH%\tlles_\Pre6s_.vbs"'
- %WINDIR%\win.ini
- pre6s_.exe
- %HOMEPATH%\tlles_\pre6s_.exe
- %HOMEPATH%\tlles_\pre6s_.vbs
- %APPDATA%\logjjk.dat
- %APPDATA%\logjjk.dat
- 'dd##.##ivatethings.xyz':4229
- DNS ASK dd##.##ivatethings.xyz
- '%HOMEPATH%\tlles_\pre6s_.exe'