Technical Information
- <SYSTEM32>\3av.exe (downloaded from the Internet)
- <SYSTEM32>\2st.exe (downloaded from the Internet)
- <SYSTEM32>\1hs.exe (downloaded from the Internet)
- <SYSTEM32>\2st.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\3av[1].jpg
- <SYSTEM32>\3av.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\2st[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\1hs[1].jpg
- <SYSTEM32>\1hs.exe
- 'ho####s.mxhoste.com':80
- 'localhost':1036
- ho####s.mxhoste.com/sesc1/3av.jpg
- ho####s.mxhoste.com/sesc1/2st.jpg
- ho####s.mxhoste.com/sesc1/1hs.jpg
- DNS ASK ho####s.mxhoste.com
- '<Private IP address>':1037