Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\wininit.exe
- %TEMP%\akrestart2284.vbs
- %TEMP%\akrestart2284.vbs
- 'hd##.#ltervista.org':80
- DNS ASK hd##.#ltervista.org
- '%APPDATA%\microsoft\windows\start menu\programs\startup\wininit.exe'
- '<SYSTEM32>\wscript.exe' "%TEMP%\AKRestart2284.vbs"
- '<SYSTEM32>\cmd.exe' /C start wscript "%TEMP%\AKRestart2284.vbs"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /C start wscript "%TEMP%\AKRestart2284.vbs"