Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Services Host' = '"%APPDATA%\System\svchost.exe" 3'
- '%APPDATA%\System\svchost.exe' 2
- %APPDATA%\System\svchost.exe
- 'sh####ostore.com.tw':80
- '74.##5.232.51':80
- DNS ASK sr####ore.com.tw
- DNS ASK sh####ostore.com.tw
- DNS ASK google.com