This Trojan may be downloaded from remote sites by other malware. It may arrive bundled with malware packages as a malware component. It may be downloaded unknowingly by a user when visiting malicious Web sites.
It creates registry entries to enable its automatic execution at every system startup.
It creates registry key(s)/entry(ies) as part of its installation routine.
It drops component files. It then executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. It injects the dropped files into the following running processes to remain memory resident.
It deletes itself after execution.
More...