Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Unknows' = '<Full path to virus>'
- %PROGRAM_FILES%\arquivos comuns\picasa check\loga.dll
- %WINDIR%\Media\NewIcon.ico
- from <Full path to virus> to <Current directory>\000003B74FEA0015
- 'da######.sites.uol.com.br':80
- da######.sites.uol.com.br/novo2011/config.html
- DNS ASK da######.sites.uol.com.br
- '<Private IP address>':1037