Technical Information
Modifies file system :
Creates the following files:
- <SYSTEM32>\GroupPolicy\User\Scripts\script.ini
- %WINDIR%\Temp\svchost.exe
Network activity:
Connects to:
- 'ss##.8866.org':8000
UDP:
- DNS ASK ss##.8866.org