Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'GOOGLEUPD' = '<LS_APPDATA>\googleupd.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'GOOGLEUPD' = '<Full path to file>'
- %TEMP%\2.tmp
- <LS_APPDATA>\googleupd.exe
- %TEMP%\1.tmp
- <LS_APPDATA>\googleupd.exe
- %TEMP%\2.tmp
- <LS_APPDATA>\googleupd.exe
- %TEMP%\1.tmp
- <Full path to file>
- 'li#####s.mypicture.info':443
- '17#.#80.29.34':443
- DNS ASK li#####s.mypicture.info
- '<LS_APPDATA>\googleupd.exe'