Technical Information
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] 'Parental PnP-X TCP/IP Locator Cache' = '%APPDATA%\utseaaxzhzmr\jeiwqpdwu.exe'
- %APPDATA%\utseaaxzhzmr\jeiwqpdwu.exe
- %APPDATA%\utseaaxzhzmr\pelgagdhk.exe
- %APPDATA%\utseaaxzhzmr\jeiwqpdwu.wzu7
- %APPDATA%\utseaaxzhzmr\jeiwqpdwu.exe
- DNS ASK qu###divide.net
- DNS ASK se####divide.net
- DNS ASK ag####tmanner.net
- DNS ASK do###manner.net
- DNS ASK ag####tanother.net
- DNS ASK do####nother.net
- DNS ASK ag####tbusiness.net
- DNS ASK do####usiness.net
- '%APPDATA%\utseaaxzhzmr\jeiwqpdwu.exe'
- '%APPDATA%\utseaaxzhzmr\pelgagdhk.exe' "%APPDATA%\utseaaxzhzmr\jeiwqpdwu.exe"