Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\crss.exe
- %PROGRAM_FILES%\Internet Explorer\3006\1.tmp (downloaded from the Internet)
- %PROGRAM_FILES%\Internet Explorer\3006\gb_143750.bat
- %PROGRAM_FILES%\Internet Explorer\3006\1.tmp
- %HOMEPATH%\Start Menu\Programs\Startup\crss.exe
- 'yo#####iasupport.com':80
- yo#####iasupport.com/index.php?id###############################
- DNS ASK yo#####iasupport.com
- '<Private IP address>':1033