Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'trkcore' = '%PROGRAMDATA%\Microsoft\Roaming\svchost.exe'
- Windows Task Manager (Taskmgr)
- <Full path to file>
- from <Full path to file> to <Current directory>\old_<File name>.exe
- DNS ASK JM###Fe8we.com
- DNS ASK S2###9QSm4.com
- DNS ASK GH###c5CwG.com
- DNS ASK w.google.com
- DNS ASK KV###Q9l9q.com
- DNS ASK gP###2cMoA.com
- DNS ASK Ui###wg1RO.com