Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\<Virus name>.exe.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\abank2.corsgate[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\abank.corsgate[1]
- <SYSTEM32>\<Virus name>.exe
- 'ab####.corsgate.com':80
- 'ab###.corsgate.com':80
- ab####.corsgate.com/
- ab####.corsgate.com/username.asp?Ui#####################################
- ab###.corsgate.com/msg.asp?Ui#####################################
- ab###.corsgate.com/
- DNS ASK ab####.corsgate.com
- DNS ASK ab###.corsgate.com
- '<Private IP address>':1036
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''