Technical Information
- %WINDIR%\imsinsl.exe
- %WINDIR%\imsinsl.exe (downloaded from the Internet)
- %WINDIR%\imsinsl.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tornado[1].jpg
- <Full path to virus>
- 'www.ar####om.front.ru':80
- 'localhost':1037
- www.ar####om.front.ru/tornado.jpg
- DNS ASK www.ar####om.front.ru
- '<Private IP address>':1038