Technical Information
- rundii32.exe
- %TEMP%\ixp000.tmp\rundii32.exe
- %TEMP%\ixp000.tmp\bounceoutinstall.exe
- %TEMP%\phpfa46.tmp
- %TEMP%\phpfa66.tmp
- %TEMP%\phpfa76.tmp
- %TEMP%\glbfa94.tmp
- %TEMP%\glcfd61.tmp
- %TEMP%\glkfd81.tmp
- %TEMP%\glg937.tmp
- %TEMP%\~glh0000.tmp
- %TEMP%\~glh0001.tmp
- from %TEMP%\~glh0000.tmp to %TEMP%\glf966.tmp
- from %TEMP%\~glh0001.tmp to %TEMP%\glfa42.tmp
- 'vc##ats.com':80
- http://vc##ats.com/url.php
- DNS ASK vc##ats.com
- '%TEMP%\ixp000.tmp\rundii32.exe'
- '%TEMP%\ixp000.tmp\bounceoutinstall.exe'
- '%TEMP%\glbfa94.tmp' 4736 %TEMP%\IXP000.TMP\BOUNCE~1.EXE