Technical Information
- %PROGRAM_FILES%\FunshionInstall_C1385.exe (downloaded from the Internet) /S
- %PROGRAM_FILES%\FunshionInstall_C1385.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\download[1].php
- %TEMP%\nsc2.tmp\inetc.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\download[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\download[1].php
- 'ne#####.funshion.com':80
- ne#####.funshion.com/software/download.php?id#######################################
- DNS ASK ne#####.funshion.com
- '<Private IP address>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''