Technical Information
- Windows Defender
- carrmhy.exe
- firefox.exe
- %TEMP%\nsy8ef7.tmp
- %TEMP%\em8zenn6c2qtus7
- %TEMP%\jbduznp
- %TEMP%\carrmhy.exe
- from %TEMP%\carrmhy.exe to %TEMP%\tmpg532.tmp
- 'ch####p.dyndns.org':80
- http://ch####p.dyndns.org/
- DNS ASK ch####p.dyndns.org
- '%TEMP%\carrmhy.exe' %TEMP%\jbduznp