Technical Information
- '%TEMP%\1b7d234f_.exe'
- '%TEMP%\56797c89_.exe' /enc 0lzaIqog32irVzNsurBa8gClHri4ohwLj2JOmYir1BRMHtYRzSujO1eGCxmFy9qgP894N9JNetLsR/pCfpcbDKnMaIxuGuNDd/8gp8tHh4CDTjMvamPrRWzy9kANkkDF8e57wgsdPg1l1oPZdF0PMuz33hMZn9OAZzFXxJT6QKwiPtjb93Ic5754fEfiaytV7/n//80abyWcLI17b0CbKZ0hNP5NO9phIcJgEYbpjulvax+ssd+OGUBHYeXuakNdxO0w1i+1GqzRKvZHP+0dVgd93LrX4Mo75bHahm9j5uWtzZmdTcK+UW/ISQi8ngljIIXW3TZMiNm9V2y40aQjjwQteKBvYs
- '%TEMP%\77b262d0_.exe'
- '%TEMP%\56797c89_.exe' (downloaded from the Internet)
- '%TEMP%\77b262d0_.exe' (downloaded from the Internet)
- '%TEMP%\1b7d234f_.exe' (downloaded from the Internet)
- %TEMP%\56797c89_.exe
- %TEMP%\1b7d234f_.exe
- %TEMP%\77b262d0_.exe
- 's.###tmin.info':80
- 'in#####collection.com':80
- 'do#####d.costmin.info':80
- 'su#####.shoppingchip.info':80
- s.###tmin.info/
- in#####collection.com/?HI#######################################
- do#####d.costmin.info/?e=#####################################################################
- su#####.shoppingchip.info/
- DNS ASK s.###tmin.info
- DNS ASK in#####collection.com
- DNS ASK do#####d.costmin.info
- DNS ASK su#####.shoppingchip.info