Technical Information
- %APPDATA%\media\media.lnk
- [<HKLM>\System\CurrentControlSet\Services\TaskFrame] 'Start' = '00000002' (service start type 2: automatic start)
- [<HKLM>\System\CurrentControlSet\Services\TaskFrame] 'ImagePath' = '%APPDATA%\Media\mediaplayer.exe'
- Service 'TaskFrame': %APPDATA%\Media\mediaplayer.exe
- %APPDATA%\media\mediaplayer.exe
- %APPDATA%\media\media.lnk
- %TEMP%\cjbop.exe
- %APPDATA%\microsoft\windows\start menu\programs\startup\conime.lnk
- http://www.sd##o.net/v?m=#########################
- http://www.sd###.net:443/v?m=######################### via sd##o.net
- DNS ASK sd##o.net
- '%APPDATA%\media\mediaplayer.exe'
- '%TEMP%\cjbop.exe'
- '%APPDATA%\media\mediaplayer.exe' (with hidden window)
- '%TEMP%\cjbop.exe' (with hidden window)