Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'GoogleUpdate' = '%APPDATA%\FrameworkUpdate7\GoogleUpdate.exe'
- <SYSTEM32>\svchost.exe
- %APPDATA%\麽鎒駓覜
- %APPDATA%\frameworkupdate7\googleupdate.exe
- %ALLUSERSPROFILE%\@system.temp
- %TEMP%\7eb0.tmp
- %APPDATA%\麽鎒駓覜
- '<SYSTEM32>\svchost.exe'