Technical Information
- [<HKLM>\System\CurrentControlSet\Services\Rsmosk megsuqus] 'Start' = '00000002' (service start type 2: started automatically at system boot)
- [<HKLM>\System\CurrentControlSet\Services\Rsmosk megsuqus] 'ImagePath' = '%ProgramFiles(x86)%\Zvjvlvj.exe'
- Service 'Rsmosk megsuqus', image path %ProgramFiles(x86)%\Zvjvlvj.exe
- %ProgramFiles(x86)%\zvjvlvj.exe
- %ProgramFiles(x86)%\zvjvlvj.exe
- from <Full path to file> to %WINDIR%\syswow64\1105048.bak
- 'a2######080.e2.luyouxia.net':26135 (host:port; the '#' characters in the hostname appear as published)
- DNS ASK a2######080.e2.luyouxia.net
- '%ProgramFiles(x86)%\zvjvlvj.exe'
- '%ProgramFiles(x86)%\zvjvlvj.exe' Win7