Technical Information
- '%WINDIR%\Temp\_ex-08.exe'
- '%WINDIR%\Temp\_ex-68.exe'
- '%WINDIR%\Temp\_ex-08.exe' (downloaded from the Internet)
- '%WINDIR%\Temp\_ex-68.exe' (downloaded from the Internet)
- %WINDIR%\Temp\_ex-08.exe
- %WINDIR%\Temp\_ex-68.exe
- 'ty##yur.in':80
- 're##dir.in':80
- http://ty##yur.in/notepad.exe
- http://re##dir.in/veresk1.exe
- DNS ASK ty##yur.in
- DNS ASK re##dir.in