Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\] 'Notepad' = '%TEMP%\file.exe'
- '%TEMP%\file.exe'
- '%TEMP%\name.exe'
- file.exe
- %TEMP%\file.exe
- %TEMP%\name.exe
- '80.##.157.253':1077
- '%WINDIR%\microsoft.net\framework\v2.0.50727\dw20.exe' -x -s 508