Technical Information
- %TEMP%\tgnqwdjdlkh.js
- %TEMP%\olmaley_29514.exe
- %TEMP%\olmaley_71984.exe
- http://si####gems.com.au/lczTQ6
- http://ma###elight.com/JBmCpi
- http://rc###namade.com/do48kR
- http://sh###lovers.com/PT5bdR
- http://ai###hop.com/GUHqKy
- http://co###atour.com/VMIz0P
- DNS ASK na##tet.com
- DNS ASK de####hopper.com
- DNS ASK si####gems.com.au
- DNS ASK ma###elight.com
- DNS ASK sh####mejewelry.com
- DNS ASK lo###rana.com
- DNS ASK rc###namade.com
- DNS ASK sh###lovers.com
- DNS ASK te########dofgiftsandbargains.co.uk
- DNS ASK ai###hop.com
- DNS ASK li###orms.com
- DNS ASK co###atour.com
- DNS ASK st#####ryourhome.co.uk
- '<SYSTEM32>\wscript.exe' %TEMP%\TgNQWdJdLkH.js