Technical Information
- nul
- %TEMP%\wdiyaxxumv.js
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012020051320200514\index.dat
- %TEMP%\wdiyaxxumv.js
- 'se#####.crazynet.org':80
- http://ad##t.oo.lv/ldr/j3_2.php?s=
- http://pa#####.#ooglesyndication.com/pagead/show_ads.js
- http://ad##t.oo.lv/favicon.ico
- DNS ASK ad##t.oo.lv
- DNS ASK pa#####.#ooglesyndication.com
- DNS ASK se####.hopto.org
- DNS ASK se#####.crazynet.org
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%WINDIR%\syswow64\wscript.exe' //B "%TEMP%\WDIYAXXUmv.js" "<Full path to file>"
- '%WINDIR%\syswow64\wscript.exe' //B "%TEMP%\WDIYAXXUmv.js" "<Full path to file>"' (with hidden window)