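Technical Information
Note: the section headings of the original report are not present on this page. Judging only by the entries themselves, the list covers autorun registry and Startup-folder entries, a service registry key, launched processes, file paths, hosts contacted on port 80, HTTP request URLs, DNS queries, and one entry on port 1900. Characters shown as '#' appear to be masked in the source.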
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Connection Studio File Browser Management Link' = '<SYSTEM32>\gomzbcud.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\gomzbcud.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\DHCP Endpoint Reports DLL Connect Player] 'Start' = '00000002' (a service 'Start' value of 2 means the service is started automatically at boot)
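- Windows Security Center (listed without its heading; presumably a system feature the sample blocks or disables. Confirm against the original report.)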
- '<SYSTEM32>\ifgtcyi.exe' "<SYSTEM32>\gomzbcud.exe"
- '%WINDIR%\Temp\rncouv3mw8tr.exe' -r 36879 tcp
- '%TEMP%\rncouv3f24tvwkfhfqh.exe'
- '<SYSTEM32>\gomzbcud.exe'
- <SYSTEM32>\alkxvxjqygq\run
- <SYSTEM32>\alkxvxjqygq\rng
- %WINDIR%\Temp\rncouv3mw8tr.exe
- <SYSTEM32>\alkxvxjqygq\cfg
- <SYSTEM32>\ifgtcyi.exe
- %TEMP%\rncouv3f24tvwkfhfqh.exe
- <SYSTEM32>\alkxvxjqygq\tst
- <SYSTEM32>\gomzbcud.exe
- <SYSTEM32>\alkxvxjqygq\etc
- <SYSTEM32>\ifgtcyi.exe
- <SYSTEM32>\gomzbcud.exe
- %WINDIR%\Temp\rncouv3mw8tr.exe
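- <DRIVERS>\etc\hosts (the Windows hosts file; the missing heading leaves the action on it unstated, so compare the file against a known-good copy for added or altered entries)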
- %TEMP%\rncouv3f24tvwkfhfqh.exe
- 'tr###noise.net':80
- 'mi###ull.net':80
- 'tr###pull.net':80
- 'mi###oise.net':80
- 'tr###fruit.net':80
- 'mi###ise.net':80
- 'tr###rise.net':80
- 'wi###ruit.net':80
- 'du###oise.net':80
- 'wi###ull.net':80
- 'du###ull.net':80
- 'wi###oise.net':80
- 'du###ruit.net':80
- 'wi###ise.net':80
- 'du###ise.net':80
- 'mi###ruit.net':80
- 'vi###mojo.com':80
- 'am###stol.com':80
- 'we#####reforyounow.com':80
- 'mo###uia.com':80
- 'do####club-grup.com':80
- 'el#####arimagine.com':80
- 'ja###uter.com':80
- 'dr###aunt.net':80
- 'wi###reat.net':80
- 'dr###dont.net':80
- 'wi###ont.net':80
- 'dr###great.net':80
- 'wi###unt.net':80
- 'dr###scene.net':80
- 'wi###cene.net':80
- http://tr###noise.net/forum/search.php?me#########################################
- http://mi###ull.net/forum/search.php?me#########################################
- http://tr###pull.net/forum/search.php?me#########################################
- http://mi###oise.net/forum/search.php?me#########################################
- http://tr###fruit.net/forum/search.php?me#########################################
- http://mi###ise.net/forum/search.php?me#########################################
- http://tr###rise.net/forum/search.php?me#########################################
- http://wi###ruit.net/forum/search.php?me#########################################
- http://du###oise.net/forum/search.php?me#########################################
- http://wi###ull.net/forum/search.php?me#########################################
- http://du###ull.net/forum/search.php?me#########################################
- http://wi###oise.net/forum/search.php?me#########################################
- http://du###ruit.net/forum/search.php?me#########################################
- http://wi###ise.net/forum/search.php?me#########################################
- http://du###ise.net/forum/search.php?me#########################################
- http://mi###ruit.net/forum/search.php?me#########################################
- http://vi###mojo.com/forum/search.php?me#########################################
- http://am###stol.com/forum/search.php?me#########################################
- http://we#####reforyounow.com/forum/search.php?me#########################################
- http://mo###uia.com/forum/search.php?me#########################################
- http://do####club-grup.com/forum/search.php?me#########################################
- http://el#####arimagine.com/forum/search.php?me#########################################
- http://ja###uter.com/forum/search.php?me#########################################
- http://dr###aunt.net/forum/search.php?me#########################################
- http://wi###reat.net/forum/search.php?me#########################################
- http://dr###dont.net/forum/search.php?me#########################################
- http://wi###ont.net/forum/search.php?me#########################################
- http://dr###great.net/forum/search.php?me#########################################
- http://wi###unt.net/forum/search.php?me#########################################
- http://dr###scene.net/forum/search.php?me#########################################
- http://wi###cene.net/forum/search.php?me#########################################
- DNS ASK mi###ull.net
- DNS ASK tr###noise.net
- DNS ASK wi###ruit.net
- DNS ASK tr###pull.net
- DNS ASK mi###ise.net
- DNS ASK tr###fruit.net
- DNS ASK mi###oise.net
- DNS ASK tr###rise.net
- DNS ASK wi###ull.net
- DNS ASK du###oise.net
- DNS ASK th###fruit.net
- DNS ASK du###ull.net
- DNS ASK wi###ise.net
- DNS ASK du###ruit.net
- DNS ASK wi###oise.net
- DNS ASK du###ise.net
- DNS ASK mi###ruit.net
- DNS ASK vi###mojo.com
- DNS ASK am###stol.com
- DNS ASK we#####reforyounow.com
- DNS ASK mo###uia.com
- DNS ASK do####club-grup.com
- DNS ASK el#####arimagine.com
- DNS ASK ja###uter.com
- DNS ASK dr###aunt.net
- DNS ASK wi###reat.net
- DNS ASK dr###dont.net
- DNS ASK wi###ont.net
- DNS ASK dr###great.net
- DNS ASK wi###unt.net
- DNS ASK dr###scene.net
- DNS ASK wi###cene.net
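- '23#.#55.255.250':1900 (port 1900 is the SSDP/UPnP discovery port, and the masked address is consistent with the SSDP multicast group; this entry is therefore probably multicast discovery traffic on the local network rather than a connection to a remote host. Confirm against a packet capture.)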