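Technical Information
(The sub-headings that would group these entries appear to be missing from this copy. In order, the list holds registry autorun and service values, a service entry, file paths, a URL and DNS queries, window class/name pairs, and quoted executable paths.)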
- [<HKCU>\software\microsoft\windows\currentversion\run] 'AckQkQEo.exe' = '%HOMEPATH%\CEgocMIg\AckQkQEo.exe'
- [<HKLM>\System\CurrentControlSet\Services\OckQocsC] 'Start' = '00000002' (start type 2 = the service is started automatically at boot)
- [<HKLM>\System\CurrentControlSet\Services\OckQocsC] 'ImagePath' = '%ALLUSERSPROFILE%\qMIYEIYo\muogEYIM.exe'
- 'OckQocsC' %ALLUSERSPROFILE%\qMIYEIYo\muogEYIM.exe
- %HOMEPATH%\cegocmig\ackqkqeo
- %ALLUSERSPROFILE%\aocmqkqy\tysuwksi
- %HOMEPATH%\cegocmig\ackqkqeo.exe
- %ALLUSERSPROFILE%\qmiyeiyo\muogeyim.exe
- %WINDIR%\syswow64\config\systemprofile\cegocmig\ackqkqeo
- http://google.com/ (a legitimate site; not usable as a detection or blocking indicator on its own)
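- DNS ASK bl##k.io ('#' is not valid in a domain name, so this entry is partially masked in the source and cannot be matched as written)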
- DNS ASK google.com
- ClassName: '' WindowName: 'TysUwksI.exe'
- ClassName: '' WindowName: 'Microsoft Windows'
- '%HOMEPATH%\cegocmig\ackqkqeo.exe'
- '%ALLUSERSPROFILE%\qmiyeiyo\muogeyim.exe'