Technical Information
- %TEMP%\sjivtbiwjdxtzi.js
- %TEMP%\hpzgkfh_97797.exe
- %TEMP%\hpzgkfh_24531.exe
- %TEMP%\hpzgkfh_7100.exe
- http://li##roup.ru/vV9c7l
- http://no#####likejones.com/hati3x
- http://an####vazquez.net/1UaAWY
- http://c-##r.at/QSa8sI
- http://li##ion.net/9cRXIl
- http://kt###akis.com/UHqig6
- http://kt###akis.com/?la#####
- http://ma#####iproperties.com/pQIJGB
- http://pv###jekt.pl/oLlqvX
- http://mo##.org.mk/oiNWQ0
- http://kv####vaya-lampa.ru/fC9qZW
- http://am##sur.com/sJIEQB
- http://pg####unitycab.com/FAlx1b
- http://po###loki.ru/nbTURt
- http://po###loki.ru/404
- DNS ASK li##roup.ru
- DNS ASK as####station.com
- DNS ASK am##sur.com
- DNS ASK ca##le78.it
- DNS ASK al###zatrio.com
- DNS ASK kv####vaya-lampa.ru
- DNS ASK mo##.org.mk
- DNS ASK be######bersindallas.com
- DNS ASK pv###jekt.pl
- DNS ASK ro##mind.pl
- DNS ASK pg####unitycab.com
- DNS ASK ma#####iproperties.com
- DNS ASK kt###akis.com
- DNS ASK li##ion.net
- DNS ASK ma####nkostyle.net
- DNS ASK c-##r.at
- DNS ASK an####vazquez.net
- DNS ASK ar####qayler.com
- DNS ASK mi#######press-randburg.co.za
- DNS ASK sa###iumspb.ru
- DNS ASK no#####likejones.com
- DNS ASK ba###ashion.ru
- DNS ASK po###loki.ru
- '<SYSTEM32>\wscript.exe' %TEMP%\sjiVTBIWjDXtzI.js