Technical Information
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\lsass.exe
- <SYSTEM32>\csrss.exe
- <SYSTEM32>\spoolsv.exe
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\49ABCDEF\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\JGEBYIRY\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\6AZO4WCC\desktop.ini
- %TEMP%\7af3996f
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\W1BUMWXY\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\JGEBYIRY\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\6AZO4WCC\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\W1BUMWXY\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\49ABCDEF\desktop.ini
- %TEMP%\7af3996f
- 'bo##l.com':80
- bo##l.com/tw.php?qr#####################################
- DNS ASK bo##l.com
- '<Private IP address>':1035