Technical Information
- %TEMP%\svchosts.exe
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\metadata\f0accf77cdcbff39f6191887f6d2d357
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\content\f0accf77cdcbff39f6191887f6d2d357
- %HOMEPATH%\desktop\vl truyen ky.lnk
- <Current directory>\update.xml
- <Current directory>\autojxtrain.zip
- %PROGRAMDATA%\microsoft\windows\start menu\programs\startup\svchosts.exe
- http://ti####aogiangho.net/update/launcher/
- http://s2##l.com/update/volam_tieungaogianghonet/checkupdate.php
- http://at####.s2lol.com/action3.php
- http://at####.s2lol.com/svchosts.exe
- http://at####.s2lol.com/svchosts.php
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- http://ti####aogiangho.net/update/hostfile/update.php
- http://ti####aogiangho.net/update/hostfile/taptin/AutoJXTrain.zip
- http://im#.zing.vn/wjx/skin/launcher_v3/js/jsupersleight/supersleight.js
- DNS ASK s2##l.com
- DNS ASK ti####aogiangho.net
- DNS ASK at####.s2lol.com
- DNS ASK im#.zing.vn
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%TEMP%\svchosts.exe'
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Get-MpPreference -verbose