Technical Information
- C:\winner.exe (downloaded from the Internet)
- C:\calc.exe (downloaded from the Internet)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\wbs[1].exe
- C:\winner.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\smt[1].exe
- C:\calc.exe
- 'www.in####onexioncp.com':80
- 'localhost':1036
- www.in####onexioncp.com/templates/domit/wbs.exe
- www.in####onexioncp.com/templates/domit/smt.exe
- DNS ASK www.in####onexioncp.com
- '<Private IP address>':1037
- ClassName: 'MS_WINHELP' WindowName: ''