Technical Information
- '<SYSTEM32>\taskkill.exe' /F /T /IM setuperr.exe
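- '<SYSTEM32>\taskkill.exe' /F /T /IM null (the image name passed here is the literal string "null", presumably an unset value in the sample rather than a real process name)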
- %WINDIR%\rtlexupd.ini
- %WINDIR%\setuperr.exe
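- File relocated (the section label is missing from this listing; presumably a move or copy of the analysed file): from <Full path to file> to <Current directory>\zlscpfyxad.exe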
- 'sw###nzy.com':443
- 'pk#.goog':80
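- http://pk#.goog/gsr1/gsr1.crt (HTTP request for a .crt file; this looks like a root-certificate download made during TLS chain validation rather than payload or command-and-control traffic, so it is a weak indicator on its own)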
- 'sw###nzy.com':443
- DNS ASK sw###nzy.com (DNS query)
- DNS ASK pk#.goog (DNS query)
- 'localhost':52243
- 'localhost':65045
- 'localhost':64688
- Window lookup (presumably; the section label is missing from this listing) with both fields empty: ClassName: '' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c CLS
- '<SYSTEM32>\cmd.exe' /c ipconfig /flushdns
- '<SYSTEM32>\ipconfig.exe' /flushdns
- '<SYSTEM32>\cmd.exe' /c ipconfig /release
- '<SYSTEM32>\ipconfig.exe' /release
- '<SYSTEM32>\cmd.exe' /c ipconfig /renew
- '<SYSTEM32>\ipconfig.exe' /renew
- '<SYSTEM32>\cmd.exe' /c taskkill /F /T /IM setuperr.exe
- '<SYSTEM32>\cmd.exe' /c taskkill /F /T /IM null