Technical Information
- '%TEMP%\lytoq.exe'
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- %TEMP%\lytoq.exe
- %TEMP%\utt5BD2.tmp
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\pack11[1].pne
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\pack11[1].pne
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\pack11[1].pne
- 'ma####carpas.com':80
- 'mi####lboyton.co.uk':80
- '20#.#53.35.133':37154
- ma####carpas.com/mandoc/pack11.pne
- mi####lboyton.co.uk/resources/pack11.pne
- DNS ASK ma####carpas.com
- DNS ASK mi####lboyton.co.uk