Technical Information
- %WINDIR%\Temp\Л«їЄЗэ¶ЇіМРт.exe
- %WINDIR%\Temp\Л«їЄЗэ¶ЇіМРт.exe (downloaded from the Internet)
- %WINDIR%\Temp\Л«їЄЗэ¶ЇіМРт.exe
- 'www.du###n-a.com':80
- www.du###n-a.com/MM/2.txt
- DNS ASK www.du###n-a.com
- '<Private IP address>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''