Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Registry Editor' = '%APPDATA%\Microsoft\regedit.exe'
- %APPDATA%\mzs.exe
- %APPDATA%\microsoft\regedit.exe
- %APPDATA%\mzs.exe
- %APPDATA%\microsoft\regedit.exe
- http://www.fi####p-address.org/
- http://eo##rs.com/epidemic/errors/report.php?Na##################################################################################################################################################...
- DNS ASK fi####p-address.org
- DNS ASK ig###our.info
- DNS ASK eo##rs.com
- DNS ASK eo##rs.us
- '%APPDATA%\mzs.exe'