Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\acworke.lnk
- %TEMP%\fd45e.tmp.bat
- <Current directory>\config.ini
- from <Full path to file> to <Current directory>\ianm.exe
- 'ba##u.com':80
- http://www.ba##u.com/
- ClassName: 'TrayNotifyWnd' WindowName: ''
- ClassName: 'SysPager' WindowName: ''
- ClassName: 'ToolbarWindow32' WindowName: ''
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\fd45e.tmp.bat (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\fd45e.tmp.bat
- '%WINDIR%\syswow64\timeout.exe' /T 2