Technical Information
- '%WINDIR%\wlcomms.exe'
- '%WINDIR%\winsys.exe'
- '%WINDIR%\winlogams.exe'
- '%WINDIR%\winsys.exe' (downloaded from the Internet)
- '%WINDIR%\winlogams.exe' (downloaded from the Internet)
- '%WINDIR%\wlcomms.exe' (downloaded from the Internet)
- %WINDIR%\wlcomms.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\winsys[1].exe
- %WINDIR%\winsys.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\winlogams[1].exe
- %WINDIR%\winlogams.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\wlcomms[1].exe
- 'sa########.dominiotemporario.com':80
- 'localhost':1036
- sa########.dominiotemporario.com/onsite/site2/winsys.exe
- sa########.dominiotemporario.com/onsite/site2/wlcomms.exe
- sa########.dominiotemporario.com/onsite/site2/winlogams.exe
- DNS ASK sa########.dominiotemporario.com