Whois data shows me both domains were registered earlier today.
[code]$ whois tr069.support
Domain Name: tr069.support
Domain ID: fec618e5a8fd4ac7bbc5597a04696b08-DONUTS
WHOIS Server: www.gandi.net/whois
Referral URL: https://www.gandi.net
Updated Date: 2016-11-29T10:40:22Z
Creation Date: 2016-11-29T10:40:22Z
There's nothing sophisticated about this malware. It probably doesn't affect your network. But the amount of vulnerable devices on the Internet is something you should give a shit about. This is how botnets happen, and botnets are how big DDoS attacks happen.
I don't have a Yara signature for this malware because nobody uses Yara on embedded devices.
Don't give your money to vendors that have a long history of consistently not giving a shit about securing their products
Check if port 7547 is open on your router. If so, probably just buy a new router
If you want to be really paranoid and you run a big website or company, use Shodan to find all the vulnerable devices and go ahead and block them so you don't have to worry about getting caught in the DDoS fallout when it inevitably happens.
Hit me up on Twitter or shoot me an email if you have any questions. Thanks for reading my post!