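Technical Information

Note: the sub-section headings of this list are missing, so the entries are not labelled by action. By form they are file-system paths (two of which appear twice and so probably came from different sub-sections), HTTP URLs, window class/name pairs, and process command lines. The `#` characters in the IP addresses and in the query string appear to be masking applied by the publisher, so those values cannot be used as exact-match indicators as written. The .wsf path appears in lower case in the file list and in mixed case in the wscript.exe command line, so paths should be compared case-insensitively. `dehslu~1` is an 8.3 short name; the full directory name is not given.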
- %APPDATA%\microsoft\windows\start menu\programs\startup\soqzmvflxaljtkofzvbwepv6swc.lnk
- %LOCALAPPDATA%\wiatrace.log
- %LOCALAPPDATA%\rwu98fd8gabch\zwmxt8pfndogsdkiyuqhmkarh.wsf
- %APPDATA%\mwkvtfeorgbtsa.zip
- %APPDATA%\dehslu~1\kepzjkgpuyzbdr.db
- %APPDATA%\dehslu~1\scrdoxtfjuzzndx.db
- %APPDATA%\dehslu~1\kepzjkgpuyzbdr.exe
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012020041420200415\index.dat
- %APPDATA%\mwkvtfeorgbtsa.zip
- %LOCALAPPDATA%\rwu98fd8gabch\zwmxt8pfndogsdkiyuqhmkarh.wsf
- http://16#.#.224.228/Dmoleqpkykdyu/Gubhdulzbhvcxwxnp/Zfwxqyrozr/Vhnpknvwvyouizia/Mwkvtfeorgbtsa.db
- http://63.##0.42.64/up_list_ld.php?1=##########################################################################################
- http://63.##0.42.64/favicon.ico
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '<SYSTEM32>\wscript.exe' "%LOCALAPPDATA%\rwu98fd8gabcH\ZwmXT8PFnDogSDKiyuQhmKarh.wsf"
- '%ProgramFiles%\internet explorer\iexplore.exe' -Embedding