Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Locle' = '"%WINDIR%\Speet.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Locle' = '"%WINDIR%\Speet.exe"'
- <Drive name for removable media>:\Droid.scr
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%WINDIR%\Speet.exe' = '%WINDIR%\Speet.exe:*:Enabled:Speet.exe'
- User Account Control (UAC)
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%WINDIR%\Speet.exe" "Speet.exe" ENABLE
- C:\Droid.scr
- %WINDIR%\Speet.exe
- %TEMP%\e653d73e45833b6c
- <Full path to file>
- 'localhost':305
- '%WINDIR%\Speet.exe'
- '<SYSTEM32>\ping.exe' 0
- '<SYSTEM32>\cmd.exe' /k ping 0 & del "<Full path to file>" & exit