Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Skype Remote Control' = '<Full path to file>'
- %TEMP%\dtwdsrfvpw
- %TEMP%\dtwdsrfvpw
- '10#.#55.137.18':443
- '19#.#23.240.6':443
- '86.##4.194.29':443
- '19#.#23.241.68':443
- '19#.#23.241.175':443
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- DNS ASK microsoft.com
- '<SYSTEM32>\cmd.exe' /c TIMEOUT /T 50 /NOBREAK && move "%TEMP%\dtwdsrfvpw" "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\Windows Control Panel.lnk"
- '<SYSTEM32>\timeout.exe' /T 50 /NOBREAK