Technical Information
Modifies file system :
Creates the following files:
- <SYSTEM32>\GroupPolicy\User\Scripts\script.ini
- %WINDIR%\Temp\svchost.exe
Network activity:
Connects to:
- 'a2####856.3322.org':80
UDP:
- DNS ASK a2####856.3322.org