Technical Information
- %TEMP%\pusk.exe
- %TEMP%\pusk.exe (downloaded from the Internet)
- <SYSTEM32>\svchost.exe <Full path to virus>
- %TEMP%\pusk.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\pusk[1].exe
- 'pu#####yaustanovka.ru':80
- pu#####yaustanovka.ru/pusk.exe
- DNS ASK pu#####yaustanovka.ru
- '<Private IP address>':1035