Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'SYSS' = '%TEMP%\uppricktr\GENSTART.vbs'
- genstart.exe
- %TEMP%\uppricktr\genstart.exe
- %TEMP%\uppricktr\genstart.vbs
- http://on####ve.live.com/download?ci#######################################################################
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- DNS ASK on####ve.live.com
- DNS ASK microsoft.com
- DNS ASK lo###.live.com
- '%TEMP%\uppricktr\genstart.exe'