Technical Information
- %TEMP%\files\Keylogger.exe
- %TEMP%\files\Keylogger.exe (downloaded from the Internet)
- <SYSTEM32>\notepad.exe %TEMP%\Clan.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\QtCore4[1].dll
- %TEMP%\files\QtNetwork4.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\QtNetwork4[1].dll
- %TEMP%\files\Keylogger.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\Keylogger.exe[1].zip
- %TEMP%\files\QtCore4.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mingwm10[1].dll
- %TEMP%\Clan.txt
- %TEMP%\aut1.tmp
- %TEMP%\files\libgcc_s_dw2-1.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\libgcc_s_dw2-1[1].dll
- %TEMP%\files\mingwm10.dll
- %TEMP%\aut1.tmp
- 'ja#####20.byethost7.com':80
- ja#####20.byethost7.com/KeyLogging/Software/QtCore4.dll
- ja#####20.byethost7.com/KeyLogging/Software/Keylogger.exe.zip
- ja#####20.byethost7.com/KeyLogging/Software/QtNetwork4.dll
- ja#####20.byethost7.com/KeyLogging/Software/mingwm10.dll
- ja#####20.byethost7.com/KeyLogging/Software/libgcc_s_dw2-1.dll
- DNS query: ja#####20.byethost7.com
- ClassName: 'Shell_TrayWnd' (the window class of the Windows taskbar) WindowName: '' (empty)