Technical Information
- '' (downloaded from the Internet)
- %TEMP%\mxz32.exe
- %TEMP%\_unins_stmc64.bat
- %WINDIR%\syswow64\insvc32.exe
- %WINDIR%\syswow64\soaction32.dll
- %WINDIR%\syswow64\maxsvc32.dll
- %TEMP%\update32.exe
- %TEMP%\_unins_mxz32.bat
- %TEMP%\_unins_update32.bat
- %WINDIR%\syswow64\insvc32.exe
- %WINDIR%\syswow64\soaction32.dll
- %WINDIR%\syswow64\maxsvc32.dll
- %TEMP%\mxz32.exe
- %TEMP%\update32.exe
- '56###234.com':80
- DNS ASK 56###234.com
- '%TEMP%\mxz32.exe'
- '%TEMP%\update32.exe'
- '%TEMP%\mxz32.exe' ' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\_unins_stmc64.bat" "' (with hidden window)
- '%TEMP%\update32.exe' ' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\_unins_mxz32.bat" "' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\_unins_Update32.bat" "' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\_unins_stmc64.bat" "
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\_unins_mxz32.bat" "
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\_unins_Update32.bat" "