Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Trap' = '<Current directory>\Trap.exe'
- <Current directory>\3ead65176ba65e9f4e88ade
- %TEMP%\~ip.tmp
- <Current directory>\key3.db
- <Current directory>\key3.db
- %TEMP%\~ip.tmp
- %TEMP%\~ip.tmp
- '93.##8.134.11':587
- 'wh###smyip.com':80
- 'ch####p.dyndns.org':80
- http://www.wh###smyip.com/?rn######################################## via wh###smyip.com
- http://ch####p.dyndns.org/?rn#########################################
- DNS ASK smtp.yandex.ru
- DNS ASK www.wh###smyip.com
- DNS ASK ch####p.dyndns.org
- '<SYSTEM32>\reg.exe' export "hkcu\software\microsoft\Internet Explorer\IntelliForms" "<Current directory>\IE.reg"
- '<SYSTEM32>\cmd.exe' /c reg export "hkcu\software\microsoft\Internet Explorer\IntelliForms" "<Current directory>\IE.reg"