Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\829796377.exe
- 'sm##.gmail.com':587
- DNS ASK sm##.gmail.com
- '%APPDATA%\microsoft\windows\start menu\programs\startup\829796377.exe'
- '<SYSTEM32>\shutdown.exe' -r -f -t 1' (with hidden window)
- '<SYSTEM32>\shutdown.exe' -r -f -t 1