Technical Information
- %WINDIR%\Cursors\Tajha.exe
- %WINDIR%\Cursors\Tajha.exe (downloaded from the Internet)
- %WINDIR%\Cursors\Tajha.exe
- 'dl.##opbox.com':80
- 'wp#d':80
- dl.##opbox.com/u/49380795/Tajha.exe
- wp#d/wpad.dat
- DNS ASK dl.##opbox.com
- DNS ASK wp#d
- '<Private IP address>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''