Technical Information
- '%TEMP%\budha.exe'
- '<SYSTEM32>\ntvdm.exe' -i1
- %TEMP%\scsA90A.tmp
- %TEMP%\scsAA34.tmp
- %TEMP%\kilf.exe
- %TEMP%\budha.exe
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\Targ-1305USdp[1].enc
- %TEMP%\scsAA34.tmp
- %TEMP%\scsA90A.tmp
- 'ei###-tech.com':80
- ei###-tech.com/scripts/Targ-1305USdp.enc
- DNS ASK ei###-tech.com
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-b3c.b38.b64'