Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'IntelDifeys' = '%TEMP%\server.exe'
- '%TEMP%\server.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen %TEMP%\123.jpg
- %TEMP%\server.exe
- %TEMP%\123.jpg
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- '93.##8.134.11':25
- 'ap#.##pmania.com':80
- '80.##4.96.251':80
- ap#.##pmania.com/
- DNS ASK sm##.yandex.ru
- DNS ASK ap#.##pmania.com
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'