Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\Google Upgrade Assistant.exe
- '<SYSTEM32>\netsh.exe' firewall Set service RemoteAdmin enable (turns on the Windows Firewall exception for remote administration)
- %TEMP%\7zZHV29UT2X\svchost.exe
- %TEMP%\7zZHV29UT2X\svchost.exe
- %HOMEPATH%\Start Menu\Programs\Startup\Google Upgrade Assistant.exe
- 'sd.#tsga.ga':10001
- DNS ASK sd.#tsga.ga
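- '%TEMP%\7zZHV29UT2X\svchost.exe' -k NetworkService (this svchost.exe runs from %TEMP%, not from <SYSTEM32>; the "-k NetworkService" argument imitates the command line of the genuine Windows service host)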
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\7zZHV29UT2X\svchost.exe -k NetworkService"