Technical Information
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = '"%APPDATA%\5Ed9mkt0Z9xLRhjP\yoFzx6c2GGrW.exe",explorer.exe'
- '<SYSTEM32>\schtasks.exe' /create /sc minute /mo 1 /tn Skype /tr "<Full path to file>
- %APPDATA%\5Ed9mkt0Z9xLRhjP\yoFzx6c2GGrW.exe
- %APPDATA%\5Ed9mkt0Z9xLRhjP\yoFzx6c2GGrW.exe
- 'pr####4.myvnc.com':4500
- DNS ASK pr####4.myvnc.com