Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\Google Update.exe
- %TEMP%\7z7XV13BG1KY\svchost.exe
- 'us.####roocean.stream':80
- DNS ASK us.####roocean.stream
- '%TEMP%\7z7XV13BG1KY\svchost.exe'
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\7z7XV13BG1KY\svchost.exe"