Technical Information
- %WINDIR%\explorer.exe
- <SYSTEM32>\rundll32.exe "%TEMP%\JQfDNCLd.dll," CdapiInit QuickAuthenticationNotifier
- <SYSTEM32>\rundll32.exe "%TEMP%\htXgvMpj.dll,DllUnregisterServer" install
- %TEMP%\Z6xYPnMw
- %TEMP%\JQfDNCLd.dll
- %TEMP%\nsa2.tmp\SelfDel.dll
- %TEMP%\htXgvMpj.dll
- %TEMP%\nsa2.tmp\GetVersion.dll
- %TEMP%\nsa2.tmp\System.dll
- %TEMP%\nsa2.tmp\inetc.dll
- %TEMP%\nsa2.tmp\SelfDel.dll
- %TEMP%\nsa2.tmp\System.dll
- %TEMP%\nsa2.tmp\GetVersion.dll
- %TEMP%\nsa2.tmp\inetc.dll
- 'up######.hochgeseg.co.cc':80
- up######.hochgeseg.co.cc/bNvBWYfL2EvGgpmf0MJR8kBMqQfiRgpV3jnY0UOy6ZZJHkSeY/sFKmPr
- up######.hochgeseg.co.cc/pkMj3cZt6yW8p/EaTxxgnoGd8i4O+62ovuTckruYHGwUFBXIuJtLzNb2noRHcd7q+L/xNnjVAod3NpFz3FaeFiclhUQ8Trof3ZygaZ4krBQ=
- up######.hochgeseg.co.cc/TYHNkKft2BQyJurlLyhXHY15Y6J73dYVHrJI84aheNv+NVUI7PaxDXMxiVL5E6bgolOr+W1rPsohSwdG
- DNS ASK up######.hochgeseg.co.cc
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''