Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\Golupdate.lnk
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- %TEMP%\<Virus name>.exe
- %HOMEPATH%\Start Menu\Programs\Startup\Golupdate.lnk
- %TEMP%\<Virus name>.exe
- 'up.##aq4all.com':80
- 'localhost':1037
- http://up.##aq4all.com/uploads/july16/1467910212921.jpg
- DNS ASK up.##aq4all.com