Technical Information
- [HKLM\System\CurrentControlSet\Services\ialdnwxf] 'ImagePath' = '<SYSTEM32>\superecPzgWA.sys'
- 'ialdnwxf' <SYSTEM32>\superecPzgWA.sys
- %WINDIR%\syswow64\superecpzgwa.sys
- %APPDATA%\e_uiengine\90afea1eeb37be7a93471c36152ab43a\90afea1eeb37be7a93471c36152ab43a.jpg
- %APPDATA%\e_uiengine\90afea1eeb37be7a93471c36152ab43a\90afea1eeb37be7a93471c36152ab43a.jpg.data
- %WINDIR%\syswow64\superecpzgwa.sys
- 'cf##nge.com':80
- http://www.cf##nge.com/wangliuyanzhe.htm
- DNS ASK cf##nge.com