Technical Information
- %TEMP%\nsied6b.tmp\dllwebcount.dll
- %WINDIR%\g_icon.ico
- %HOMEPATH%\desktop\g¸¶äï.lnk
- %APPDATA%\microsoft\internet explorer\quick launch\g¸¶äï.lnk
- %HOMEPATH%\favorites\g¸¶äï.url
- %TEMP%\nsied6b.tmp\selfdelete.dll
- C:\delus.bat
- %TEMP%\nsied6b.tmp\dllwebcount.dll
- %TEMP%\nsied6b.tmp\selfdelete.dll
- 'th#####ia4.cafe24.com':80
- http://th#####ia4.cafe24.com/partner/200004704/request/count.php?mo########################
- DNS ASK th#####ia4.cafe24.com
- '%WINDIR%\syswow64\cmd.exe' /c \DelUS.bat' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c \DelUS.bat