Technical Information
- Autorun entry (Run key, launched at logon): [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'tpup' = '%WINDIR%\tpup.exe s'
- %WINDIR%\tpup.exe
- %WINDIR%\tpup.dat
- %WINDIR%\syswow64\e1.dll
- %TEMP%\~a753.tmp
- %TEMP%\~a763.tmp
- %TEMP%\~a753.tmp
- %TEMP%\~a763.tmp
- 'mt##.##0.yahoodns.net':25 (port 25, SMTP)
- 'alt1.gmail-smtp-in.l.google.com':25 (port 25, SMTP)
- DNS ASK ya##o.com
- DNS ASK ww##.#####adeswiokinganfujas.com
- DNS ASK mt##.##0.yahoodns.net
- DNS ASK gm##l.com
- DNS ASK alt3.gmail-smtp-in.l.google.com
- DNS ASK alt2.gmail-smtp-in.l.google.com
- DNS ASK alt1.gmail-smtp-in.l.google.com
- DNS ASK gmail-smtp-in.l.google.com
- DNS ASK alt4.gmail-smtp-in.l.google.com
- '%WINDIR%\tpup.exe' s