Technical Information
- '<SYSTEM32>\nod32i.exe'
- '<SYSTEM32>\nod32i.exe' (downloaded from the Internet)
- <SYSTEM32>\nod32i.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\nod32i[1].jpg
- %TEMP%\~DF18E8.tmp
- 'we###rn.br5.us':80
- 'localhost':1039
- we###rn.br5.us/nod32i.jpg
- DNS ASK we###rn.br5.us