Technical Information
- %HOMEPATH%\Templates\ad30161
- %ALLUSERSPROFILE%\Application Data\921c2659
- <LS_APPDATA>\6fd89cbd
- %WINDIR%\Resources\cb0fdd02
- %TEMP%\ihp1.tmp
- <LS_APPDATA>\qkm.exe
- %APPDATA%\477768a6
- %TEMP%\ihp1.tmp
- 'ny###emadyk.com':80
- ny###emadyk.com/1022000112
- DNS ASK ny###emadyk.com
- '<Private IP address>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'imcodafbd' WindowName: 'c'
- ClassName: '' WindowName: ''