Technical Information
- '<SYSTEM32>\rundll32.exe' "%TEMP%\ins1.tmp",vfajljqyjdqxti install
- %TEMP%\ins1.tmp
- 'lo####whoo.co.be':80
- lo####whoo.co.be/NCWikkxMPXp0perM8KniQtjZmV6+82gIO/1StpRi3+HnCezrBpRB1vo4ckkhtwlU6EURER2HayxnF3cgv7HDww+YCsnh/L+QW+n5KC8a41U+Qg==
- lo####whoo.co.be/syaDELYt0p6aLDfDh/Ztfdu56Y3ybCv/65ZMv4uwtYZ3CmfCn6b3YOWsTcKLqB+BHT1dsFUL6m2VukqWg9eqXZhmKx4wPLS6mU9NuWA16A0/clT6qoG/DbphNwXyjAp4UwC3Cf1DjERFBGr2ag2uUdIeMpBPrKzlcZ5OYaX4UzSCu8Z2AeKpDIQl9mKlfej2s7SejHu5ydM=
- DNS ASK lo####whoo.co.be
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'