Technical Information
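- Autorun (persistence) registry value: [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Google Update' = '%LOCALAPPDATA%\Google\Update\GoogleUpdate.exe' (the value name and path imitate a per-user Google Update install, so check the file's signature and hash rather than its name)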
- '%WINDIR%\syswow64\taskkill.exe' /f /im GoogleUpdate.exe
- '%WINDIR%\syswow64\taskkill.exe' /f /im GoogleUpdater.exe
- %LOCALAPPDATA%\google\update\googleupdate.exe
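- TCP connection: 'ip##pi.com':80 (the '##' is not valid in a host name; the domain appears to be partially masked in this report, and the full name is not given here)
- HTTP request: http://ip##pi.com/json
- DNS query: DNS ASK ip##pi.com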
- ClassName: '' WindowName: ''
- '%LOCALAPPDATA%\google\update\googleupdate.exe'
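- Disk serial-number query for the first physical drive (cmd.exe wrapper): '%WINDIR%\syswow64\cmd.exe' /c wmic diskdrive where deviceid='\\\\.\\PHYSICALDRIVE0' get serialnumber
- Disk serial-number query for the first physical drive (wmic.exe): '%WINDIR%\syswow64\wbem\wmic.exe' diskdrive where deviceid='\\\\.\\PHYSICALDRIVE0' get serialnumber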
- '%WINDIR%\syswow64\cmd.exe' /c REG ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Google Update" /t REG_SZ /F /D "%LOCALAPPDATA%\Google\Update\GoogleUpdate.exe"
- '%WINDIR%\syswow64\reg.exe' ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Google Update" /t REG_SZ /F /D "%LOCALAPPDATA%\Google\Update\GoogleUpdate.exe"
- '%WINDIR%\syswow64\cmd.exe' /c taskkill /f /im GoogleUpdate.exe
- '%WINDIR%\syswow64\cmd.exe' /c taskkill /f /im GoogleUpdater.exe