Technical Information
- Autorun entry (persists across reboots; runs at each user logon): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MyPlayuser' = '%PROGRAM_FILES%\Internet Explorer\tempexe.exe'
- %PROGRAM_FILES%\Internet Explorer\tempexe.exe
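- %WINDIR%\regedit.exe /s %WINDIR%\user1.reg (the /s switch, also used in the regedit commands below, imports the .reg file silently with no confirmation prompt)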
- <SYSTEM32>\cmd.exe /c mybat.bat
- %WINDIR%\regedit.exe /s %WINDIR%\user.reg
- %WINDIR%\regedit.exe /s %WINDIR%\mac.reg
- %WINDIR%\regedit.exe /s %WINDIR%\mac1.reg
- %WINDIR%\user.reg
- %WINDIR%\user1.reg
- <Current directory>\mybat.bat
- %PROGRAM_FILES%\Internet Explorer\tempexe.exe
- %WINDIR%\mac.reg
- %WINDIR%\mac1.reg
- Network endpoint (host:port): 's.###pny.com':99
- DNS query: s.###pny.com
- DNS query: hh#####hhh.ip138.com
- '<Private IP address>':1037
- '<Private IP address>':1038
- ClassName: 'RegEdit_RegEdit' WindowName: '' (RegEdit_RegEdit is the window class of the Windows Registry Editor)