Technical Information
- %WINDIR%\explorer.exe
- ahzkxecq.exe
- %TEMP%\nsh62e8.tmp
- %TEMP%\jejoxso.m
- %TEMP%\alacuzi.u
- %TEMP%\ahzkxecq.exe
- DNS ASK ar####atheus.com
- DNS ASK ah######construction.com
- '%TEMP%\ahzkxecq.exe' %TEMP%\alacuzi.u
- '%TEMP%\ahzkxecq.exe'
- '%WINDIR%\syswow64\raserver.exe'