Technical Information
- '%TEMP%\kilf4.exe'
- '%TEMP%\kilf1.exe'
- '%TEMP%\budha.exe'
- '%TEMP%\kilf4.exe' (downloaded from the Internet)
- '%TEMP%\kilf1.exe' (downloaded from the Internet)
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\26USp[1].enc
- %TEMP%\kilf4.exe
- %TEMP%\kilf1.exe
- %TEMP%\budha.exe
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\Test[1].enc
- 'xp###ard.biz':80
- 'da###eek.com.br':80
- xp###ard.biz/images/avatars/26USp.enc
- da###eek.com.br/images/Test.enc
- DNS ASK xp###ard.biz
- DNS ASK da###eek.com.br