Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\run.hta
- %WINDIR%\microsoft.net\framework\v4.0.30319\aspnet_compiler.exe
- C:\users\public\microsoft.ps1
- 'z.#z.ht':443
- 'sp#####ppp.myq-see.com':1177
- 'microsoft.com':80
- 'z.#z.ht':443
- 'sp#####ppp.myq-see.com':1177
- DNS ASK z.#z.ht
- DNS ASK sp#####ppp.myq-see.com
- DNS ASK microsoft.com
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -nologo -ExecutionPolicy Unrestricted -File C:\Users\Public\Microsoft.ps1
- '%WINDIR%\microsoft.net\framework\v4.0.30319\aspnet_compiler.exe'