Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\bootstr.url
- %HOMEPATH%\bootstr\bootstr.vbs
- %HOMEPATH%\bootstr\certutil.exe
- %APPDATA%\remcos\logs.dat
- 'ma#######4.chickenkiller.com':9003
- DNS ASK ma#######4.chickenkiller.com