Technical Information
- <SYSTEM32>\tasks\nvngxupdatecheckdaily_{2a68f03e-f03e-f03e-f03e-2a68f03ef03e}
- %TEMP%\1105.tmp
- %APPDATA%\hjerubf
- %TEMP%\b51b.exe
- %TEMP%\f49c.exe
- %TEMP%\2962.exe
- %TEMP%\46f1.exe
- %APPDATA%\hjerubf
- http://37.##.127.236/2.php
- http://fr####ivacytools.ru/downloads/privacytools2.exe
- http://wi###anld.com/download/004.exe
- http://na###ouzina.net/
- DNS ASK na###ouzina.net
- DNS ASK bi###cket.org
- DNS ASK fr####ivacytools.ru
- DNS ASK wi###anld.com
- '%TEMP%\b51b.exe'
- '%TEMP%\f49c.exe'
- '%TEMP%\2962.exe'
- '%TEMP%\46f1.exe'