Technical Information
Modifies file system :
Creates the following files:
- <SYSTEM32>\GroupPolicy\User\Scripts\script.ini
- %WINDIR%\Temp\svchost.exe
Network activity:
Connects to:
- 'ja###u.3322.org':8000
UDP:
- DNS ASK ja###u.3322.org