Technical Information
- [HKLM\System\CurrentControlSet\Services\Topology CNG Enumerator Alerts] 'Start' = '00000002'
- [HKLM\System\CurrentControlSet\Services\Topology CNG Enumerator Alerts] 'ImagePath' = 'C:\aoynkuxmkwiuzck\jbqywjcuqhj.exe'
- 'Topology CNG Enumerator Alerts' C:\aoynkuxmkwiuzck\jbqywjcuqhj.exe
- %WINDIR%\aoynkuxmkwiuzck\ynhykdunk
- C:\aoynkuxmkwiuzck\ynhykdunk
- C:\aoynkuxmkwiuzck\svvs62eooq0fqhzbfr.exe
- C:\aoynkuxmkwiuzck\jbqywjcuqhj.exe
- C:\aoynkuxmkwiuzck\kcczfeptygth.exe
- C:\aoynkuxmkwiuzck\nf7kqwgbqecc
- C:\aoynkuxmkwiuzck\jbqywjcuqhj.exe
- C:\aoynkuxmkwiuzck\kcczfeptygth.exe
- %WINDIR%\aoynkuxmkwiuzck\ynhykdunk
- C:\aoynkuxmkwiuzck\svvs62eooq0fqhzbfr.exe
- %WINDIR%\aoynkuxmkwiuzck\ynhykdunk
- 'bu####ngbeauty.net':80
- 'st###report.net':80
- 'st###beauty.net':80
- 'st###garden.net':80
- 'do####market.net':80
- 'do####beauty.net':80
- 'do####garden.net':80
- 'pr####garden.net':80
- 'pr####emarket.net':80
- 'pr####ereport.net':80
- 'de####garden.net':80
- http://bu####ngbeauty.net/index.php
- http://st###beauty.net/index.php
- http://st###garden.net/index.php
- http://do####market.net/index.php
- http://do####beauty.net/index.php
- http://pr####garden.net/index.php
- http://pr####emarket.net/index.php
- http://pr####ereport.net/index.php
- http://de####garden.net/index.php
- http://st###report.net/index.php
- DNS ASK bu####ngbeauty.net
- DNS ASK bu#####gpleasure.net
- DNS ASK ev####gtoward.net
- DNS ASK bu####ngtoward.net
- DNS ASK ou####ewhite.net
- DNS ASK mo####ntwhite.net
- DNS ASK ou####emillion.net
- DNS ASK mo####ntmillion.net
- DNS ASK ou####epleasure.net
- DNS ASK mo#####tpleasure.net
- DNS ASK ou####etoward.net
- DNS ASK mo####nttoward.net
- DNS ASK st####thgarden.net
- DNS ASK st####thbeauty.net
- DNS ASK st####threport.net
- DNS ASK st####thmarket.net
- DNS ASK ev####gpleasure.net
- DNS ASK bu####ngmillion.net
- DNS ASK ev####gmillion.net
- DNS ASK bu####ngwhite.net
- DNS ASK do###rwhite.net
- DNS ASK pr####million.net
- DNS ASK do####million.net
- DNS ASK pr####pleasure.net
- DNS ASK do####pleasure.net
- DNS ASK pr####toward.net
- DNS ASK do####toward.net
- DNS ASK st###white.net
- DNS ASK mi###white.net
- DNS ASK mi####illion.net
- DNS ASK st####illion.net
- DNS ASK mi####leasure.net
- DNS ASK st####leasure.net
- DNS ASK mi###toward.net
- DNS ASK st###toward.net
- DNS ASK ev####gwhite.net
- DNS ASK pr###ywhite.net
- DNS ASK de####garden.net
- DNS ASK pr####egarden.net
- DNS ASK de####beauty.net
- DNS ASK pr####report.net
- DNS ASK do####report.net
- DNS ASK pr####market.net
- DNS ASK do####market.net
- DNS ASK mi###garden.net
- DNS ASK st###garden.net
- DNS ASK mi###beauty.net
- DNS ASK st###beauty.net
- DNS ASK mi###report.net
- DNS ASK st###report.net
- DNS ASK mi###market.net
- DNS ASK st###market.net
- DNS ASK ev####ggarden.net
- DNS ASK bu####nggarden.net
- DNS ASK ev####gbeauty.net
- DNS ASK do####beauty.net
- DNS ASK pr####beauty.net
- DNS ASK do####garden.net
- DNS ASK pr####garden.net
- DNS ASK de####report.net
- DNS ASK pr####ereport.net
- DNS ASK de####market.net
- DNS ASK pr####emarket.net
- DNS ASK re####garden.net
- DNS ASK br####garden.net
- DNS ASK re####beauty.net
- DNS ASK re####report.net
- DNS ASK br####beauty.net
- DNS ASK br####report.net
- DNS ASK re####market.net
- DNS ASK br####market.net
- DNS ASK fe####garden.net
- DNS ASK fe####beauty.net
- DNS ASK fe####report.net
- DNS ASK fe####market.net
- DNS ASK pr####ebeauty.net
- DNS ASK fe####toward.net
- 'C:\aoynkuxmkwiuzck\svvs62eooq0fqhzbfr.exe'
- 'C:\aoynkuxmkwiuzck\jbqywjcuqhj.exe'
- 'C:\aoynkuxmkwiuzck\kcczfeptygth.exe' "c:\aoynkuxmkwiuzck\jbqywjcuqhj.exe"