Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\File0.exe
- '%HOMEPATH%\Start Menu\Programs\Startup\File0.exe'
- '%HOMEPATH%\Start Menu\Programs\Startup\File0.exe' (downloaded from the Internet)
- 'rg##st.net':80
- 'wp#d':80
- rg##st.net/download/58265713/5b3c9ad505323ba58c3655f27e7df9b6918f7276/server.exe
- wp#d/wpad.dat
- DNS ASK rg##st.net
- DNS ASK wp#d