Technical Information
- '%PROGRAM_FILES%\WinRAR\updata.exe'
- 'C:\ґ«ЖжµЗВјЖч.exe'
- '%PROGRAM_FILES%\WinRAR\updata.exe' (downloaded from the Internet)
- %PROGRAM_FILES%\WinRAR\updata.exe
- %HOMEPATH%\Desktop\EuEA?«¶·µCA???.lnk
- C:\ґ«ЖжµЗВјЖч.exe
- 'www.wa###hepk.com':80
- www.wa###hepk.com/dlq.exe
- DNS ASK www.wa###hepk.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'