Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\cmqjpW6RvitFveQlfzf.exe
- '%TEMP%\cmqjpW6RvitFveQlfzf.exe'
- '%TEMP%\cmqjpW6RvitFveQlfzf.exe' (downloaded from the Internet)
- %TEMP%\cmqjpW6RvitFveQlfzf.exe
- %HOMEPATH%\Start Menu\Programs\Startup\cmqjpW6RvitFveQlfzf.exe
- 'rg##st.net':80
- 'wp#d':80
- rg##st.net/download/55988760/1828e6fa3f12063c8318b0cd7692a53463f0b1c9/rrrr.exe
- wp#d/wpad.dat
- DNS ASK rg##st.net
- DNS ASK wp#d