Technical Information
- %TEMP%\_ir_sf_temp_0\irsetup.exe
- %TEMP%\_ir_sf_temp_0\lua5.1.dll
- %TEMP%\_ir_sf_temp_0\irsetup.dat
- %TEMP%\_ir_sf_temp_0\timy.enc
- %TEMP%\timy.exe
- %TEMP%\_ir_sf_temp_1\irsetup.exe
- %TEMP%\_ir_sf_temp_1\lua5.1.dll
- %TEMP%\_ir_sf_temp_1\irsetup.dat
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\mobilekey[1]
- %TEMP%\_ir_sf_temp_0\irsetup.dat
- %TEMP%\_ir_sf_temp_0\irsetup.exe
- %TEMP%\_ir_sf_temp_1\irsetup.dat
- 'localhost':1037
- 'mo###ekey.pw':80
- 'pa###bin.com':443
- http://mo###ekey.pw/
- DNS ASK mo###ekey.pw
- DNS ASK pa###bin.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- '%TEMP%\_ir_sf_temp_0\irsetup.exe' __IRAOFF:1762162 "__IRAFN:<Full path to file>" "__IRCT:0" "__IRTSS:0" "__IRSID:S-1-5-21-2052111302-484763869-725345543-1003"
- '%TEMP%\timy.exe'
- '%TEMP%\_ir_sf_temp_1\irsetup.exe' __IRAOFF:1742194 "__IRAFN:%TEMP%\timy.exe" "__IRCT:1" "__IRTSS:0" "__IRSID:S-1-5-21-2052111302-484763869-725345543-1003"