Technical Information
- <SYSTEM32>\Winlogom.exe (downloaded from the Internet)
- %WINDIR%\imsinsl.exe (downloaded from the Internet)
- <SYSTEM32>\Winlogom.exe
- %WINDIR%\imsinsl.exe
- <Full path to virus>
- 'www.of####anetpbs.com':80
- 'localhost':1037
- www.of####anetpbs.com/log.log
- www.of####anetpbs.com/logo.log
- DNS ASK www.of####anetpbs.com