Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\windows update.exe
- %HOMEPATH%\documents\hotpluga.dll
- '22#.#30.61.5':80
- '21#.#03.34.191':80
- DNS ASK us###e.2288.org
- '%APPDATA%\microsoft\windows\start menu\programs\startup\windows update.exe'
- '%APPDATA%\microsoft\windows\start menu\programs\startup\windows update.exe' ' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c del "<Full path to file>" > nul' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c del "<Full path to file>" > nul
- '%WINDIR%\syswow64\rundll32.exe' hotpluga.dll,LoadFile