Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Google Update' = '<SYSTEM32>\syscmd.exe /WinStart'
- from <Full path to file> to <SYSTEM32>\syscmd.exe
- '78.##2.236.3':1990
- 'wh#####yipaddress.com':80
- http://wh#####yipaddress.com/
- DNS ASK wh#####yipaddress.com
- ClassName: '' WindowName: 'Windows Security Alert'
- ClassName: '' WindowName: 'Windows Gьvenlik Uyarэsэ'
- ClassName: '' WindowName: 'Windows G?venlik Uyar?s?'