Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\dotNetFramev2.1.2] 'ImagePath' = '<SYSTEM32>\dotNetFramework2.1.2.exe -k'
- [<HKLM>\SYSTEM\ControlSet001\Services\dotNetFramev2.1.2] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe'
- '<SYSTEM32>\dotNetFramework2.1.2.exe' -k
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\dotNetFramework2.1.2.exe
- 'www.cn##ogs.com':80
- 'a9#####9.g47y3s.ceye.io':80
- 'localhost':1037
- http://www.cn##ogs.com/vermon01/p/6816907.html
- http://a9#####9.g47y3s.ceye.io/25b93
- DNS ASK www.cn##ogs.com
- DNS ASK a9#####9.g47y3s.ceye.io