Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\SidebarUpdater.lnk
- '' (downloaded from the Internet)
- %TEMP%\OKI.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\PWD[1].jpg
- %TEMP%\contemp.exe
- %APPDATA%\OKIiCGEgXV.exe
- 'di####upload.site':80
- 'wp#d':80
- 'ap#.#pify.org':443
- 'sm##.gmail.com':587
- http://di####upload.site/PWD.jpg
- http://11#.#11.111.2/wpad.dat via wp#d
- DNS ASK di####upload.site
- DNS ASK wp#d
- DNS ASK ap#.#pify.org
- DNS ASK sm##.gmail.com
- '%TEMP%\OKI.exe'
- '%TEMP%\contemp.exe' all -oN
- '<SYSTEM32>\cmd.exe' /cEcho off & del /q %TEMP%\contemp.exe & Exit