Technical Information
- '%WINDIR%\winlogout.exe'
- '%WINDIR%\winlogout.exe' (downloaded from the Internet)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\Final[1].exe
- %WINDIR%\winlogout.exe
- %WINDIR%\crrss.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\Prova[1].jpg
- %WINDIR%\Plugin.png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\Uplo[1].exe
- 'tr#####.altervista.org':80
- tr#####.altervista.org/Data/Final.exe
- tr#####.altervista.org/Data/Uplo.exe
- tr#####.altervista.org/Data/Prova.jpg
- DNS ASK tr#####.altervista.org
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'