Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '<Virus name>.exe' = '<SYSTEM32>\<Virus name>.exe'
- <SYSTEM32>\<Virus name>.exe
- <Full path to virus>
- '20#.#8.196.199':139
- '20#.#8.196.199':445
- '20#.#8.196.199':1433
- ClassName: 'Shell_TrayWnd' WindowName: ''