Technical Information
- <SYSTEM32>\ashservdll.exe (downloaded from the Internet)
- <SYSTEM32>\ssleay32.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\winlogons[1].jpg
- <SYSTEM32>\ashservdll.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\image1[1].jpg
- <SYSTEM32>\libeay32.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\image2[1].jpg
- 'ne#######tda.web46.f1.k8.com.br':80
- 'localhost':1037
- ne#######tda.web46.f1.k8.com.br/guama//winlogons.jpg
- ne#######tda.web46.f1.k8.com.br/guama//image2.jpg
- ne#######tda.web46.f1.k8.com.br/guama//image1.jpg
- DNS ASK ne#######tda.web46.f1.k8.com.br