Technical Information
- <SYSTEM32>\notepad.exe <Current directory>\<Virus name>.txt
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\svchost.exe
- <Current directory>\<Virus name>.txt
- <LS_APPDATA>\lxwnijhg.exe
- '17#.#7.103.54':8080
- '21#.#9.160.150':41765
- '21#.#60.236.108':41765
- '66.#.209.185':43456
- '50.##.136.150':8080
- '12#.#19.190.205':43456
- '21#.#60.236.108':43456
- '79.##0.89.209':41765
- '95.##3.180.42':43456
- '13#.#8.105.45':43456
- '17#.#24.211.194':43456
- '22#.#55.237.132':41765
- '95.##3.180.42':41765
- '21#.#86.42.77':43456
- '18#.#12.156.180':8080
- '66.#.209.185':41765
- '18#.#0.141.4':43456
- '46.##5.121.86':41765
- ClassName: 'Shell_TrayWnd' WindowName: ''