Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Sseur Service Agent' = '%TEMP%\HOK2PsFcxCp.exe'
- %TEMP%\hqzapxcdcd.tmp
- %TEMP%\hok2psfcxcp.exe
- %TEMP%\hqzapxcdcd.tmp
- http://wt###myip.com/text
- DNS ASK wt###myip.com
- DNS ASK sm##.gmail.com
- '%TEMP%\hok2psfcxcp.exe'