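Technical Information
Note: the list headings of the original report are missing from this copy, so the role of each group of entries below (for example created, executed or otherwise touched) is not stated. The "##" in the host names is not valid in a DNS name and appears to be masking applied by the publisher, so those entries cannot be matched verbatim as indicators.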
- '%TEMP%\MMva_1010.exe'
- '%TEMP%\setup_t10094.exe'
- '%TEMP%\80326_al.exe'
- '%TEMP%\bfgminer.exe'
- '%TEMP%\superie.exe'
- '%TEMP%\gssoft.exe'
- '%TEMP%\80326_al.exe' (downloaded from the Internet)
- '%TEMP%\bfgminer.exe' (downloaded from the Internet)
- '%TEMP%\gssoft.exe' (downloaded from the Internet)
- '%TEMP%\superie.exe' (downloaded from the Internet)
- '%TEMP%\setup_t10094.exe' (downloaded from the Internet)
- '%TEMP%\MMva_1010.exe' (downloaded from the Internet)
- %TEMP%\setup_t10094.exe
- %TEMP%\80326_al.exe
- %TEMP%\bfgminer.exe
- %TEMP%\superie.exe
- %TEMP%\gssoft.exe
- %TEMP%\MMva_1010.exe
- 'www.sj##.com':80
- 'www.me##va.com':80
- 'www.ry##o.com':80
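- www.sj##.com/hezi/jm/setup_t10094.exe
- www.ry##o.com/myfile/2227921967/Pack/80326_al.jpg
- www.ry##o.com/myfile/2227921967/Pack/bfgminer-3.jpg
- www.ry##o.com/myfile/2227921967/PNG/superie96.jpg
- www.ry##o.com/myfile/2227921967/Pack/gssoft-10.jpg
- www.me##va.com/uid/MMva_1010.exe
Note: four of these URLs end in .jpg, while the files listed in %TEMP% with similar base names (80326_al, bfgminer, superie, gssoft) are .exe files marked as downloaded from the Internet. This suggests, but the page does not confirm, that executables are retrieved under image extensions, so filtering on URL extension alone would not flag these transfers. The name bfgminer.exe matches that of the BFGMiner cryptocurrency-mining tool; the page does not confirm the file's content.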
- DNS ASK www.sj##.com
- DNS ASK www.me##va.com
- DNS ASK www.ry##o.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'