Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\drv_xbujc.exe
- 're#######da.gratisphphost.info':80
- 'm.###ebook.com':80
- 'm.###ebook.com':443
- 'st####.xx.fbcdn.net':443
- 'fb##x.com':443
- 'oc##.#tartssl.com':80
- 'oc##.thawte.com':80
- http://re#######da.gratisphphost.info/insdb.php?ta###################################################################
- http://m.###ebook.com/
- http://oc##.#tartssl.com/sub/class2/code/ca/MEMwQTA%2FMD0wOzAJBgUrDgMCGgUABBQSOgrhRCSnWfKxoWTjWxhk8hga9AQU0E4PQJlsuEsZbzsouODjiAc0qrcCAhAV
- http://oc##.thawte.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEEeXTXhzpbyrDS%2BzcBkvzl4%3D
- 'm.###ebook.com':443
- 'st####.xx.fbcdn.net':443
- DNS ASK re#######da.gratisphphost.info
- DNS ASK m.###ebook.com
- DNS ASK microsoft.com
- DNS ASK st####.xx.fbcdn.net
- DNS ASK fa###ook.com
- DNS ASK fb##n.net
- DNS ASK fb##x.com
- DNS ASK st####.rapidssl.com
- DNS ASK oc##.#tartssl.com
- DNS ASK oc##.thawte.com
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''