Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Skype Remote Control' = '<Full path to file>'
- %TEMP%\gojcmotllq
- %TEMP%\gojcmotllq
- '10#.#55.137.18':443
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- DNS ASK microsoft.com
- '%WINDIR%\syswow64\cmd.exe' /c TIMEOUT /T 50 /NOBREAK && move "%TEMP%\gojcmotllq" "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\Windows Control Panel.lnk"
- '%WINDIR%\syswow64\timeout.exe' /T 50 /NOBREAK