Technical Information
- <SYSTEM32>\azlist.exe (downloaded from the Internet)
- <SYSTEM32>\windnews.exe (downloaded from the Internet)
- <SYSTEM32>\tasksystem.exe (downloaded from the Internet)
- <SYSTEM32>\adobesys.exe (downloaded from the Internet)
- <SYSTEM32>\winhelp.exe (downloaded from the Internet)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\azlist[1].jpg
- <SYSTEM32>\tasksystem.exe
- <SYSTEM32>\azlist.exe
- <SYSTEM32>\windnews.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\windnews[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\tasksystem[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\adobesys[1].jpg
- <SYSTEM32>\adobesys.exe
- <SYSTEM32>\winhelp.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\winhelp[1].jpg
- 'li#####ras2011.com.br':80
- 'localhost':1035
- li#####ras2011.com.br/sw/azlist.jpg
- li#####ras2011.com.br/sw/windnews.jpg
- li#####ras2011.com.br/sw/tasksystem.jpg
- li#####ras2011.com.br/sw/adobesys.jpg
- li#####ras2011.com.br/sw/winhelp.jpg
- DNS ASK li#####ras2011.com.br
- '<Private IP address>':1036