Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ULW' = '"<Full path to virus>"'
- <Current directory>\ULWSettings.ini
- <Current directory>\MBR.bin
- 'te#####tsfsfsf.ucoz.com':80
- te#####tsfsfsf.ucoz.com/Update.txt
- te#####tsfsfsf.ucoz.com/Title.txt
- te#####tsfsfsf.ucoz.com/2296801295
- te#####tsfsfsf.ucoz.com/Ver.txt
- DNS ASK te#####tsfsfsf.ucoz.com
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'msctls_updown32' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'