Technical Information
- %TEMP%\mppfvrh.js
- %TEMP%\eabxzln_99124.exe
- http://fo###m-bg.com/EZQ9ut
- http://me###tcanta.com/aYiftp
- http://ki#####landscape.com/DktnH7
- http://my####thanhtam.com/lJUfuM
- DNS ASK hh##.#x3webs.com
- DNS ASK ir#####ganics.com.au
- DNS ASK ho####sire.co.uk
- DNS ASK ob###ate.com
- DNS ASK fo###m-bg.com
- DNS ASK th#####dothanhly.com
- DNS ASK ex#####onellehair.com
- DNS ASK yo####tionstore.com
- DNS ASK ra#####chiavon.com.br
- DNS ASK me###tcanta.com
- DNS ASK ki#####landscape.com
- DNS ASK th####ding.pictures
- DNS ASK my####thanhtam.com
- '<SYSTEM32>\wscript.exe' %TEMP%\MPpfvRh.js