Technical Information
- <SYSTEM32>\cmd.exe /c <Current directory>\<Virus name>.bat
- <Current directory>\<Virus name>.bat
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\user.js
- 'www.up#####puccinohot.com':80
- '17#.#6.229.218':80
- www.up#####puccinohot.com/mobile/upgrade.php?up####
- 17#.#6.229.218/ct2.php
- DNS ASK www.up#####puccinohot.com