Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'mismyou' = '%TEMP%\conhost.exe'
- <Current directory>\<File name>
- %TEMP%\conhost.exe
- 'ag###.my-homeip.net':80
- http://ag###.my-homeip.net/ks8d10.0.0.2akspbu.txt
- DNS ASK ag###.my-homeip.net
- '<Full path to file>'
- '%TEMP%\conhost.exe'
- '<SYSTEM32>\cmd.exe' /c del <Full path to file> >> NUL