Technical Information
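- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<Full path to virus>' = '<Full path to virus>:*:Enabled:MiniGet' (this value adds the sample to the Windows Firewall standard-profile list of authorized applications, with scope '*' and the display name 'MiniGet'; the report shows ControlSet001, so also check the same path under CurrentControlSet when hunting)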
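- '<SYSTEM32>\wbem\wmiadap.exe' /R /T (wmiadap.exe is a standard Windows WMI component; its launch here is probably a side effect of the sample's activity rather than a distinctive indicator)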
- <Current directory>\Config\MiniGetConfig.cfg
- <Current directory>\Config\MiniGetTasks.dat
- <Current directory>\Config\geturl.html
- <Current directory>\Config\getallurl.html
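- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini (these two files appear to be by-products of the wmiadap.exe run listed above, so they are weak indicators on their own)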
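- 'www.mi###et001.com':80 (the '#' characters in hosts, URLs and addresses throughout this list appear to be masking applied by the report, not part of the real values)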
- 'tr#####.miniget001.com':80
- www.mi###et001.com/report.php?ac#####################
- tr#####.miniget001.com/gtl
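- DNS ASK ro####.bittorrent.com (this lookup and the utorrent.com one below resemble the bootstrap queries made by ordinary BitTorrent clients, so they are weak indicators unless seen together with the miniget001.com hosts)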
- DNS ASK www.mi###et001.com
- DNS ASK ro####.utorrent.com
- DNS ASK tr#####.miniget001.com
- DNS ASK sn.###iget001.com
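- '23#.#55.255.250':1900 (port 1900 with an address of this form is consistent with SSDP/UPnP multicast discovery on the local network; confirm against a packet capture)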
- 'sn.###iget001.com':12000
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd is the window class of the Windows taskbar)