Technical Information
- <SYSTEM32>\uq817alp192.exe (downloaded from the Internet)
- <SYSTEM32>\tyu.exe (downloaded from the Internet)
- <SYSTEM32>\ssuer7723.exe (downloaded from the Internet)
- <SYSTEM32>\ZetaX.exe (downloaded from the Internet)
- <SYSTEM32>\Desco.exe (downloaded from the Internet)
- %WINDIR%\explorer.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\Receita4[1].avi
- <SYSTEM32>\ssuer7723.exe
- <SYSTEM32>\uq817alp192.exe
- <SYSTEM32>\tyu.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\Receita5[1].avi
- <SYSTEM32>\ZetaX.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\Receita1[1].avi
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\Receita2[1].avi
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\Receita3[1].avi
- <SYSTEM32>\Desco.exe
- 'lo###idaweb.com':80
- 'localhost':1036
- lo###idaweb.com/Receita4.avi
- lo###idaweb.com/Receita5.avi
- lo###idaweb.com/Receita3.avi
- lo###idaweb.com/Receita1.avi
- lo###idaweb.com/Receita2.avi
- DNS ASK lo###idaweb.com
- ClassName: '' WindowName: 'GINA Logon'
- ClassName: '' WindowName: ''