Technical Information
- [<HKCU>\software\microsoft\windows\currentversion\run] 'bdtgs' = 'wscript.exe //B "%APPDATA%\<File name>.js"'
- %APPDATA%\<File name>.js
- 'ge#####gh.myq-see.com':9059
- DNS ASK ge#####gh.myq-see.com
- '<SYSTEM32>\wscript.exe' //B "%APPDATA%\<File name>.js"