Technical Information
- %WINDIR%\syswow64\svchost.exe
- %TEMP%\winupdates.exe
- 'google.com':443
- 'se####.nanodirect.com':80
- http://se####.nanodirect.com/core/storage/loader/uploads/Ywebu.exe
- 'google.com':443
- DNS ASK google.com
- DNS ASK se####.nanodirect.com
- '%TEMP%\winupdates.exe'
- '%WINDIR%\syswow64\svchost.exe'