Technical Information
- [<HKLM>\System\CurrentControlSet\Services\cJuLwoaRJg] 'ImagePath' = '%WINDIR%\Temp\cJuLwoaRJg'
- 'cJuLwoaRJg' %WINDIR%\Temp\cJuLwoaRJg
- Windows Update
- %WINDIR%\temp\cjulwoarjg
- from %WINDIR%\temp\cjulwoarjg to %TEMP%\942448\....\temporaryfile
- 'jx.###598645.xyz':80
- http://jx.###598645.xyz/a.txt
- http://jx.###598645.xyz/Up.txt
- DNS ASK jx.###598645.xyz