Technical Information
- C:\tempq\pagina.exe (downloaded from the Internet)
- C:\tempq\wimlo.exe (downloaded from the Internet)
- C:\tempq\poker.exe (downloaded from the Internet)
- C:\tempq\dww.exe (downloaded from the Internet)
- C:\tempq\dww.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\divinopolis[1].bmp
- C:\tempq\pagina.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\indiara[1].bmp
- C:\tempq\wimlo.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\canedo[1].bmp
- C:\tempq\poker.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\britania[1].bmp
- 'tu###c.com.br':80
- 'localhost':1035
- tu###c.com.br/webuol/divinopolis.bmp
- tu###c.com.br/webuol/indiara.bmp
- tu###c.com.br/webuol/canedo.bmp
- tu###c.com.br/webuol/britania.bmp
- DNS ASK tu###c.com.br