Technical Information
- %TEMP%\nsd2.tmp\bundle.exe (downloaded from the Internet) /S
- %TEMP%\nsd2.tmp\bundle.exe
- %TEMP%\nsd2.tmp\inetc.dll
- %TEMP%\nsd2.tmp\nsRandom.dll
- %TEMP%\nsd2.tmp\nsRandom.dll
- %TEMP%\nsd2.tmp\inetc.dll
- %TEMP%\nsd2.tmp\bundle.exe
- '19##.#gett.co.cc':80
- 19##.#gett.co.cc/download.php?to############################################
- DNS ASK 19##.#gett.co.cc
- '<Private IP address>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''