Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'AutoConnect Encryption Video' = 'C:\twzgcyngynm\zsicxgj.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Accounts Level SNMP Keying Collector Cache] 'ImagePath' = 'C:\twzgcyngynm\zsicxgj.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Accounts Level SNMP Keying Collector Cache] 'Start' = '00000002'
- 'C:\twzgcyngynm\xeuwdupgup.exe' "c:\twzgcyngynm\zsicxgj.exe"
- 'C:\twzgcyngynm\zsicxgj.exe'
- 'C:\twzgcyngynm\b12luhapqthxaa.exe'
- C:\twzgcyngynm\zsicxgj.exe
- C:\twzgcyngynm\xeuwdupgup.exe
- C:\twzgcyngynm\kmstlj
- %WINDIR%\twzgcyngynm\ha4ztbcwri
- C:\twzgcyngynm\ha4ztbcwri
- C:\twzgcyngynm\b12luhapqthxaa.exe
- C:\twzgcyngynm\xeuwdupgup.exe
- C:\twzgcyngynm\zsicxgj.exe
- C:\twzgcyngynm\b12luhapqthxaa.exe
- %WINDIR%\twzgcyngynm\ha4ztbcwri
- 'ri###fence.net':80
- 'wh####rfence.net':80
- 'ri###guard.net':80
- 'fi####airplane.net':80
- 'th####straight.net':80
- 'fi####straight.net':80
- 'th####airplane.net':80
- 'wh####rairplane.net':80
- 'fo####nfence.net':80
- 'su###nfence.net':80
- 'ri####irplane.net':80
- 'wh####rguard.net':80
- 'ri####traight.net':80
- 'wh####rstraight.net':80
- 'ci####tteguard.net':80
- 'pi####eguard.net':80
- 'ci#####testraight.net':80
- 'pi####efence.net':80
- 'fa####airplane.net':80
- 'ch#####nairplane.net':80
- 'ci####ttefence.net':80
- 'fi###efence.net':80
- 'th###hguard.net':80
- 'fi###eguard.net':80
- 'th###hfence.net':80
- 'pi####estraight.net':80
- 'ci#####teairplane.net':80
- 'pi####eairplane.net':80
- 'fo####nguard.net':80
- 'ex####straight.net':80
- 'be####eairplane.net':80
- 'ex####airplane.net':80
- 'be####estraight.net':80
- 'ex###tfence.net':80
- 'be####eguard.net':80
- 'ex###tguard.net':80
- 'en####hspring.net':80
- 'ei####spring.net':80
- 'en####hfound.net':80
- 'ei####success.net':80
- 'en####hbanker.net':80
- 'ei####banker.net':80
- 'en####hsuccess.net':80
- 'su####airplane.net':80
- 'ma####efence.net':80
- 'pe###nfence.net':80
- 'fo####nairplane.net':80
- 'su###nguard.net':80
- 'fo####nstraight.net':80
- 'su####straight.net':80
- 'ma####eairplane.net':80
- 'pe####airplane.net':80
- 'be####efence.net':80
- 'pe####straight.net':80
- 'ma####eguard.net':80
- 'pe###nguard.net':80
- 'ma####estraight.net':80
- http://ri###fence.net/index.php?me########
- http://wh####rfence.net/index.php?me########
- http://ri###guard.net/index.php?me########
- http://fi####airplane.net/index.php?me########
- http://th####straight.net/index.php?me########
- http://fi####straight.net/index.php?me########
- http://th####airplane.net/index.php?me########
- http://wh####rairplane.net/index.php?me########
- http://fo####nfence.net/index.php?me########
- http://su###nfence.net/index.php?me########
- http://ri####irplane.net/index.php?me########
- http://wh####rguard.net/index.php?me########
- http://ri####traight.net/index.php?me########
- http://wh####rstraight.net/index.php?me########
- http://ci####tteguard.net/index.php?me########
- http://pi####eguard.net/index.php?me########
- http://ci#####testraight.net/index.php?me########
- http://pi####efence.net/index.php?me########
- http://fa####airplane.net/index.php?me########
- http://ch#####nairplane.net/index.php?me########
- http://ci####ttefence.net/index.php?me########
- http://fi###efence.net/index.php?me########
- http://th###hguard.net/index.php?me########
- http://fi###eguard.net/index.php?me########
- http://th###hfence.net/index.php?me########
- http://pi####estraight.net/index.php?me########
- http://ci#####teairplane.net/index.php?me########
- http://pi####eairplane.net/index.php?me########
- http://fo####nguard.net/index.php?me########
- http://ex####straight.net/index.php?me########
- http://be####eairplane.net/index.php?me########
- http://ex####airplane.net/index.php?me########
- http://be####estraight.net/index.php?me########
- http://ex###tfence.net/index.php?me########
- http://be####eguard.net/index.php?me########
- http://ex###tguard.net/index.php?me########
- http://en####hspring.net/index.php?me########
- http://ei####spring.net/index.php?me########
- http://en####hfound.net/index.php?me########
- http://ei####success.net/index.php?me########
- http://en####hbanker.net/index.php?me########
- http://ei####banker.net/index.php?me########
- http://en####hsuccess.net/index.php?me########
- http://su####airplane.net/index.php?me########
- http://ma####efence.net/index.php?me########
- http://pe###nfence.net/index.php?me########
- http://fo####nairplane.net/index.php?me########
- http://su###nguard.net/index.php?me########
- http://fo####nstraight.net/index.php?me########
- http://su####straight.net/index.php?me########
- http://ma####eairplane.net/index.php?me########
- http://pe####airplane.net/index.php?me########
- http://be####efence.net/index.php?me########
- http://pe####straight.net/index.php?me########
- http://ma####eguard.net/index.php?me########
- http://pe###nguard.net/index.php?me########
- http://ma####estraight.net/index.php?me########
- DNS ASK ri###fence.net
- DNS ASK wh####rfence.net
- DNS ASK ri###guard.net
- DNS ASK fi####airplane.net
- DNS ASK th####straight.net
- DNS ASK fi####straight.net
- DNS ASK th####airplane.net
- DNS ASK wh####rairplane.net
- DNS ASK fo####nfence.net
- DNS ASK su###nfence.net
- DNS ASK ri####irplane.net
- DNS ASK wh####rguard.net
- DNS ASK ri####traight.net
- DNS ASK wh####rstraight.net
- DNS ASK fi###eguard.net
- DNS ASK pi####efence.net
- DNS ASK ci####tteguard.net
- DNS ASK pi####eguard.net
- DNS ASK ci####ttefence.net
- DNS ASK ch#####nstraight.net
- DNS ASK fa####airplane.net
- DNS ASK ch#####nairplane.net
- DNS ASK th###hfence.net
- DNS ASK fi###efence.net
- DNS ASK th###hguard.net
- DNS ASK pi####eairplane.net
- DNS ASK ci#####testraight.net
- DNS ASK pi####estraight.net
- DNS ASK ci#####teairplane.net
- DNS ASK ex####straight.net
- DNS ASK be####eairplane.net
- DNS ASK ex####airplane.net
- DNS ASK be####estraight.net
- DNS ASK ex###tfence.net
- DNS ASK be####eguard.net
- DNS ASK ex###tguard.net
- DNS ASK en####hspring.net
- DNS ASK ei####spring.net
- DNS ASK en####hfound.net
- DNS ASK ei####success.net
- DNS ASK en####hbanker.net
- DNS ASK ei####banker.net
- DNS ASK en####hsuccess.net
- DNS ASK be####efence.net
- DNS ASK fo####nairplane.net
- DNS ASK su####airplane.net
- DNS ASK ma####efence.net
- DNS ASK su####straight.net
- DNS ASK fo####nguard.net
- DNS ASK su###nguard.net
- DNS ASK fo####nstraight.net
- DNS ASK pe####straight.net
- DNS ASK ma####eairplane.net
- DNS ASK pe####airplane.net
- DNS ASK ma####estraight.net
- DNS ASK pe###nfence.net
- DNS ASK ma####eguard.net
- DNS ASK pe###nguard.net
- ClassName: 'Shell_TrayWnd' WindowName: ''