Technical Information
- %PROGRAM_FILES%\ext\SannneR.exe
- %PROGRAM_FILES%\ext\islem1.exe
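Browser processes force-terminated with taskkill (/im selects a process by image name, /f forces termination):
- <SYSTEM32>\taskkill.exe /im iexplore.exe /f
- <SYSTEM32>\taskkill.exe /im chrome.exe /f
- <SYSTEM32>\taskkill.exe /im browser.exe /f
- <SYSTEM32>\taskkill.exe /im firefox.exe /f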
- firefox.exe
- chrome.exe
- iexplore.exe
- %PROGRAM_FILES%\ext\islem2.exe
- %PROGRAM_FILES%\ext\SannneR.exe
- %PROGRAM_FILES%\hcfubonvrwvjqwizzlbtqqvddnquxwaygyezniosuzxgahdpltzzzkoqtnowuvjgpebauwugpwszthan.zip
- %PROGRAM_FILES%\ext\islem1.exe
- %TEMP%\$inst\2.tmp
- <SYSTEM32>\wbem\Performance\WmiApRpl_new.ini
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\temp_0.tmp
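Network activity ('#' is not a valid hostname character, so the domain is evidently masked in this report; the strings below will not match as literal indicators):
- 'si###ati.com':80
- si###ati.com/ext.zip
- si###ati.com/id.txt?0
- si###ati.com/hosts.txt
- DNS ASK si###ati.com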
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd is the window class of the Windows taskbar)