Technical Information
- %TEMP%\javainstall3.exe
- %TEMP%\javainstall4.exe
- %TEMP%\javainstall5.exe
- %TEMP%\javainstall1.exe
- %TEMP%\javainstall2.exe
- %TEMP%\javainstall4.exe (downloaded from the Internet)
- %TEMP%\javainstall5.exe (downloaded from the Internet)
- %TEMP%\javainstall2.exe (downloaded from the Internet)
- %TEMP%\javainstall3.exe (downloaded from the Internet)
- %TEMP%\javainstall1.exe (downloaded from the Internet)
- %TEMP%\javainstall3.txt
- %TEMP%\javainstall4.txt
- %TEMP%\javainstall5.txt
- %TEMP%\javainstall2.txt
- %TEMP%\nsu2.tmp
- %TEMP%\nsf3.tmp\inetc2.dll
- %TEMP%\javainstall1.txt
- %TEMP%\javainstall4.exe
- %TEMP%\javainstall5.exe
- %TEMP%\nsf3.tmp\inetc2.dll
- %TEMP%\javainstall1.exe
- %TEMP%\javainstall2.exe
- %TEMP%\javainstall3.exe
- 'www.ma####wnloads.info':80
- www.ma####wnloads.info/dl/index.cgi?ci###############################################
- DNS ASK www.ma####wnloads.info
- '<Private IP address>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '#32770' WindowName: ''