Technical Information
- C:\addons\uson.exe
- C:\addons\xgoes.exe
- C:\addons\xason.exe
- C:\addons\pras.exe
- C:\addons\rasz.exe
- C:\addons\xgoes.exe (downloaded from the Internet)
- C:\addons\xason.exe (downloaded from the Internet)
- C:\addons\rasz.exe (downloaded from the Internet)
- C:\addons\uson.exe (downloaded from the Internet)
- C:\addons\pras.exe (downloaded from the Internet)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\top32[1].gif
- C:\addons\uson.exe
- C:\addons\xgoes.exe
- C:\addons\xason.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\top456[1].gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\top3[1].gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\top05[1].gif
- C:\addons\pras.exe
- C:\addons\rasz.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\top2[1].gif
- 'su######cadojudastadeu.net':80
- 'localhost':1035
- su######cadojudastadeu.net/top32.gif
- su######cadojudastadeu.net/top456.gif
- su######cadojudastadeu.net/top6.gif
- su######cadojudastadeu.net/top05.gif
- su######cadojudastadeu.net/top2.gif
- su######cadojudastadeu.net/top3.gif
- DNS ASK su######cadojudastadeu.net
- '<Private IP address>':1036