Technical Information
- %WINDIR%\explorer.exe
- <SYSTEM32>\rundll32.exe %TEMP%\YWjbhcDF.dll,DllUnregisterServer install
- %TEMP%\YWjbhcDF.dll
- %TEMP%\Hp7rcxRW
- %TEMP%\nsj2.tmp\SelfDel.dll
- %TEMP%\nsj2.tmp\GetVersion.dll
- %TEMP%\nsj2.tmp\System.dll
- %TEMP%\nsj2.tmp\inetc.dll
- %TEMP%\nsj2.tmp\SelfDel.dll
- %TEMP%\nsj2.tmp\System.dll
- %TEMP%\nsj2.tmp\GetVersion.dll
- %TEMP%\nsj2.tmp\inetc.dll
- 'up#####5.kozee.ce.ms':80
- up#####5.kozee.ce.ms/VLkqghPZ/ibSlViWj9hYQ5LN0iattDBF/Fu2QzdlazVU4p4MNnL0dtQPt18PFOkFPnTbCaSY5fW7pVz6qfwoHhB/IHGs/wABwSu1cTdl31c=
- up#####5.kozee.ce.ms/4PZrVfRMaiXFC18QrUSF5cB7selichrOYl6ywuJUNelBlZZ5ZyxRwyqO5C671Z4Bgf8BrZKJL7Ctvtz8
- DNS ASK up#####5.kozee.ce.ms
- '<Private IP address>':1036
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''