Technical Information
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\] 'Microsoft Driver Setup' = '<SYSTEM32>\Zsnkstl.exe'
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\] 'Microsoft Driver Setup' = '<SYSTEM32>\Zsnkstl.exe'
- zsnkstl.exe
- %WINDIR%\syswow64\zsnkstl.exe
- 'bi##ity.org':81
- DNS ASK ja##.##TLUFAMILY.COM
- DNS ASK bi##ity.org
- '%WINDIR%\syswow64\zsnkstl.exe'
- '%WINDIR%\syswow64\zsnkstl.exe' (with hidden window)
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowWarningDialog "<Full path to file>"