Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'java' = '%APPDATA%\java.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\java.vbs
- %HOMEPATH%\Start Menu\Programs\Startup\java.js
- %APPDATA%\java.exe
- <Full path to file>
- %APPDATA%\java.exe
- 'ni####1171.ddns.net':25271
- DNS ASK ni####1171.ddns.net
- '%APPDATA%\java.exe'
- '<SYSTEM32>\schtasks.exe' /create /sc minute /mo 5 /tn "chorme" /tr "%APPDATA%\java.exe"