Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SysCheck' = '<SYSTEM32>\<Virus name>.exe'
- '<SYSTEM32>\<Virus name>.exe'
- <SYSTEM32>\SysCheck.ini
- <SYSTEM32>\<Virus name>.exe
- <Current directory>\SysCheck.ini
- 'localhost':139
- 'localhost':445
- 'localhost':1433