Technical Information
- <SYSTEM32>\cacls.exe "%PROGRAM_FILES%\Alwil Software" /T /E /C /P SYSTEM:N
- <SYSTEM32>\cacls.exe "%PROGRAM_FILES%\Alwil Software" /T /E /C /P Todos:N
- <SYSTEM32>\rundll32.exe <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen %PROGRAM_FILES%\TioqkCpe\sEsq5eLl.jpg
- %HOMEPATH%\Recent\sEsq5eLl.lnk
- %HOMEPATH%\Recent\TioqkCpe.lnk
- %PROGRAM_FILES%\TioqkCpe\sEsq5eLl.jpg
- <Current directory>\sEsq5eLl.jpg
- <Full path to virus>
- %PROGRAM_FILES%\TioqkCpe\sEsq5eLl.jpg
- 'www.bv###.#logger.com.br':80
- www.bv###.#logger.com.br/Galera%20da%20Facu%20em%20Pirapora.jpg
- DNS ASK www.bv###.#logger.com.br
- '<Private IP address>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''