https:// anubis.iseclab .org /?action=result&task_id=1b784cfbc748dfae439ed3825a2 3eafaf&format=html
Take this results for what you will. It creates a process called DW20.exe (This a name for a process that has to deal with microsoft office) and modifies this registry HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\ Explorer\Shell Folder (Which modifies the Appdata folder, common place for infections to set up a base). Take what you will.