Analysts at Trustwave who discovered the malware campaign note that although none of its tactics are novel, it remains a severe threat to many potential victims, given Facebook's popularity as a social media platform.
Trustwave reports that once executed, the malware establishes persistence using commands that add a scheduled task named 'Licensing2,' which runs on infected computers every 90 minutes.
[
add
]
[
|
|
...
]