Technical Information
- '%TEMP%\sft\module.exe' 5FB751E6AAD74DAE2E57FEEF849B183A
- '%TEMP%\sft\module.exe' (downloaded from the Internet)
- %TEMP%\sft\x64\SQLite.Interop.dll
- %TEMP%\sft\x86\SQLite.Interop.dll
- %TEMP%\sft\System.Data.SQLite.dll
- %PROGRAM_FILES%\Steam\Steam.exe
- %TEMP%\sft\module.exe
- '5.##.124.175':80
- http://5.##.124.175/files/x64/SQLite.Interop.dll
- http://5.##.124.175/files/x86/SQLite.Interop.dll
- http://5.##.124.175/files/module.exe
- http://5.##.124.175/files/System.Data.SQLite.dll
- DNS ASK oc###.#lobalsign.com
- DNS ASK cr#.##obalsign.com
- DNS ASK crl.microsoft.com
- DNS ASK ct###.#indowsupdate.com
- DNS ASK dn#.##ftncsi.com
- DNS ASK cr#.##obalsign.net
- ClassName: 'Shell_TrayWnd' WindowName: ''