Technical Information
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\<Virus name>.exe
- <Current directory>\taskmgr.exe
- <LS_APPDATA>Crypt.exe (downloaded from the Internet)
- outpost.exe
- zlclient.exe
- bdagent.exe
- AVP.EXE
- <Current directory>\taskmgr.exe
- <LS_APPDATA>Crypt.exe
- <Current directory>\taskmgr.exe
- 'au##.#earch.msn.com':80
- 'localhost':1038
- 'dl.##opbox.com':80
- au##.#earch.msn.com/response.asp?MT################################################################
- au##.#earch.msn.com/response.asp?MT####################################################################
- dl.##opbox.com/u/21651962/Crypt.exe
- DNS ASK au##.#earch.msn.com
- DNS ASK dl.##opbox.com