Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'AUTARKE' = '%HOMEPATH%\Trbenene9\OSSUARIESB.vbs'
- ossuariesb.exe
- %HOMEPATH%\trbenene9\ossuariesb.exe
- %HOMEPATH%\trbenene9\ossuariesb.vbs
- 'vd####9wogzzu.info':4405
- 'xv#####1skbs0bo.info':4405
- http://vd####9wogzzu.info/us3.bin
- DNS ASK vd####9wogzzu.info
- DNS ASK xv#####1skbs0bo.info
- DNS ASK jq####y7489jkmb.ru
- DNS ASK ct####n17qjpwv4.ru
- DNS ASK wv#####jspasvvi.info
- DNS ASK 5b####9ipmxb0qq.ru
- DNS ASK n8#####2bkdpfd7.info
- '%HOMEPATH%\trbenene9\ossuariesb.exe'