Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\windows media player network graph service.exe
- windows media player network graph service.exe
- %TEMP%\windows media player network graph service.txt
- %APPDATA%\logs\01-29-2020
- 'mi######tcnc.publicvm.com':55506
- http://te##ze.com/geoip
- http://www.te##ze.com/geoip
- http://fr###eoip.net/xml/
- http://fr###eoip.net/shutdown
- http://ap#.#pify.org/
- DNS ASK te##ze.com
- DNS ASK fr###eoip.net
- DNS ASK ap#.#pify.org
- DNS ASK mi######tcnc.publicvm.com
- '%APPDATA%\microsoft\windows\start menu\programs\startup\windows media player network graph service.exe'
- '<SYSTEM32>\cmd.exe'
- '<SYSTEM32>\reg.exe' add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /f /v "Windows Media Player Network Graph Service" /d "cmd /c type "%TEMP%\Windows Media Player Network Graph Service.txt" ...