Technical Information
- '%TEMP%\21772sys.exe'
- '%TEMP%\21772sys.exe' (downloaded from the Internet)
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\vbc.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- %TEMP%\21772sys.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\sipcli[1]
- 'w2####4.blob4.ge.tt':80
- 'localhost':1035
- w2####4.blob4.ge.tt/streams/6lvVrWo/sipcli.exe?si###################################################
- DNS ASK w2####4.blob4.ge.tt