Technical Information
- %TEMP%\safepstbackup_1_00.exe (downloaded from the Internet)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\safepstbackup_free_setup_110_x86[1].exe
- %TEMP%\safepstbackup_1_00.exe
- %TEMP%\nso2.tmp\System.dll
- %TEMP%\nso2.tmp\inetc.dll
- %TEMP%\nso2.tmp\System.dll
- %TEMP%\nso2.tmp\inetc.dll
- 'dl.###ekicker.com':80
- dl.###ekicker.com/send/file/234734-M8HK/safepstbackup_free_setup_110_x86.exe
- DNS ASK dl.###ekicker.com
- '<Private IP address>':1036
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''