Technical Information
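File in the all-users Startup folder (programs placed in this folder are launched at each user logon):
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\Chrome.exe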
Command line (cmd.exe running a batch file from the %TEMP%\MMBPlayer directory):
- '<SYSTEM32>\cmd.exe' /C ""%TEMP%\MMBPlayer\copy.bat" "
Files under %TEMP%\MMBPlayer:
- %TEMP%\MMBPlayer\run.bat
- %TEMP%\MMBPlayer\copy.bat
- %TEMP%\MMBPlayer\getadmin2.vbs
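Network activity (host:port endpoints, an HTTP URL and a DNS query; the domain is partly masked with ### on this page, so it cannot be used as an indicator as written):
- 'cd###d-lock.ir':80
- 'localhost':1036
- http://cd###d-lock.ir/redirect4.php
- DNS ASK cd###d-lock.ir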
Windows (class name and window title):
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Progman' WindowName: 'Program Manager'