Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{gqpxydym-vfue-fhel-wkmr-opwuswwvsvzr}] 'stubpath' = ''
- <SYSTEM32>\inykznpoh.exe ZhuDong
- %TEMP%\135828_res.tmp
- <SYSTEM32>\inykznpoh.exe
- <SYSTEM32>\inykznpoh.exe_lang.ini
- 'dy####zj.codns.com':6113
- DNS ASK dy####zj.codns.com
- '<Private IP address>':1035