Technical Information
- [<HKCU>\software\microsoft\windows\currentversion\run] 'VuAIogEo.exe' = '%HOMEPATH%\owMQoEQE\VuAIogEo.exe'
- [<HKLM>\System\CurrentControlSet\Services\zMMgwoXS] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\zMMgwoXS] 'ImagePath' = '%ALLUSERSPROFILE%\aGsEkkEk\nSEwMcgc.exe'
- 'zMMgwoXS' %ALLUSERSPROFILE%\aGsEkkEk\nSEwMcgc.exe
- %HOMEPATH%\owmqoeqe\vuaiogeo
- %ALLUSERSPROFILE%\weeuseyo\hiqugygk
- %HOMEPATH%\owmqoeqe\vuaiogeo.exe
- %ALLUSERSPROFILE%\agsekkek\nsewmcgc.exe
- %WINDIR%\syswow64\config\systemprofile\owmqoeqe\vuaiogeo
- %ALLUSERSPROFILE%\vyoo.txt
- <Current directory>\ieqs.ico
- http://google.com/
- DNS ASK bl##k.io
- DNS ASK google.com
- ClassName: '' WindowName: 'HiQUgYgk.exe'
- ClassName: '' WindowName: 'Microsoft Windows'
- '%HOMEPATH%\owmqoeqe\vuaiogeo.exe'
- '%ALLUSERSPROFILE%\agsekkek\nsewmcgc.exe'