Technical Information
- [<HKLM>\System\CurrentControlSet\Services\cpuz132] 'ImagePath' = '%TEMP%\cpuz132\cpuz132_x64.sys'
- [<HKLM>\System\CurrentControlSet\Services\speccy] 'ImagePath' = '%TEMP%\fcd07194-2e21-4b47-a564-28542471823a'
- %TEMP%\speccy.ini
- %TEMP%\speccy.exe
- %TEMP%\speccycpuid.dll
- %TEMP%\cpuz132\cpuz132_x64.sys
- %TEMP%\fcd07194-2e21-4b47-a564-28542471823a
- %PROGRAMDATA%\microsoft\crypto\rsa\machinekeys\47a01e7ffb63112b0169c3780848c4b7_36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee
- %TEMP%\cpuz132\cpuz132_x64.sys
- %TEMP%\fcd07194-2e21-4b47-a564-28542471823a
- http://www.sh###yip.com/xml/
- DNS ASK sh###yip.com
- ClassName: 'EDIT' WindowName: ''
- '%TEMP%\speccy.exe'
- '<SYSTEM32>\svchost.exe' -k LocalServicePeerNet