Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\<File name>.exe
- <Current directory>\setup.dll
- %APPDATA%\<File name>.exe
- C:\wx294\winlogon.exe
- %TEMP%\user2.txt
- %APPDATA%\userlog.dat
- %TEMP%\user7
- %TEMP%\user8
- <Current directory>\setup.dll
- C:\wx294\winlogon.exe
- %APPDATA%\userlog.dat
- %TEMP%\user2.txt
- %TEMP%\user8
- %TEMP%\user7
- %TEMP%\user8
- %TEMP%\user7
- DNS ASK ce####.zapto.org
- '%APPDATA%\<File name>.exe'
- 'C:\wx294\winlogon.exe'
- '%ProgramFiles(x86)%\internet explorer\iexplore.exe'