Technical Information
- <SYSTEM32>\BTStacFrr.exe
- <SYSTEM32>\BTStacLrj.exe
- <SYSTEM32>\BTStacFrr.exe (downloaded from the Internet)
- <SYSTEM32>\BTStacLrj.exe (downloaded from the Internet)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\BTStacAvs[1].js
- <SYSTEM32>\BTStacFrr.exe
- <SYSTEM32>\BTStacLrj.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\fhash[1].js
- 'ce###agomes.com':80
- 'localhost':1035
- ce###agomes.com/BTStacAvs.js
- ce###agomes.com/fhash.js
- DNS ASK ce###agomes.com
- '<Private IP address>':1036