Technical Information
- '%TEMP%\mss932A.exe'
- '%TEMP%\mss932A.exe' (downloaded from the Internet)
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- %TEMP%\mss932A.exe
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\arsgdvcs1233[1]
- 'co####-outils.qc.ca':80
- 'localhost':58786
- co####-outils.qc.ca/arsgdvcs1233
- DNS ASK co####-outils.qc.ca