Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'msmsgs' = '%TEMP%\908\<Virus name>.exe'
- %TEMP%\908\<Virus name>.exe
- <Current directory>\s.ini
- '19#.#38.0.64':21
- '82.##7.131.17':21
- '21#.#31.252.243':21
- '88.##8.157.98':21
- '21#.#80.199.127':21
- 'ch####p.dyndns.org':80
- ch####p.dyndns.orghttp://checkip.dyndns.org
- DNS ASK ch####p.dyndns.org
- '<Private IP address>':1036
- ClassName: 'Indicator' WindowName: ''