Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\userinit.exe
- %TEMP%\_un1.tmp
- <LS_APPDATA>\Windows\logs\SysInfo.txt
- <LS_APPDATA>\Windows\logs\0000hHEL.09.lnk
- <LS_APPDATA>\Windows\userinit.dll
- %ALLUSERSPROFILE%\Application Data\desktop.BIN
- <LS_APPDATA>\Windows\userinit.exe
- <LS_APPDATA>\Windows\logs\SysInfo.txt
- %TEMP%\_un1.tmp
- 'www.ad###suit.com':80
- www.ad###suit.com/windowsupdatev7/search%3Fhl%3DVQBTAEUAUgAtADQAQgBCADAAOQBBADkAQwAwADIA%26q%3DMQA5ADIALgAxADYAOAAuADEAOQAwAC4AMQAzADUA%26meta%3DLi4%3D%26id%3Dhvdypflefruskjj
- www.ad###suit.com/windowsupdatev7/search%3Fhl%3DVQBTAEUAUgAtADQAQgBCADAAOQBBADkAQwAwADIA%26q%3DMQA5ADIALgAxADYAOAAuADEAOQAwAC4AMQAzADUA%26meta%3DLg%3D%3D%26id%3Dpodtuwpuizsmdtv
- www.ad###suit.com/windowsupdatev7/search%3Fhl%3DVQBTAEUAUgAtADQAQgBCADAAOQBBADkAQwAwADIA%26q%3DMQA5ADIALgAxADYAOAAuADEAOQAwAC4AMQAzADUA%26meta%3DMDAwMGhIRUwuMDk%3D%26id%3Dlfdxfircvscxggb
- DNS ASK www.ad###suit.com