Technical Information
- %TEMP%\wemqebmhp1
- %TEMP%\wemqebmhp2
- 'ci####odrive.com':80
- 'fg###dia.com':80
- '19#.#38.189.69':80
- http://ci####odrive.com/lrvfebc?wE#################
- http://fg###dia.com/imjumsb?wE#################
- DNS ASK ci####odrive.com
- DNS ASK fg###dia.com