Technical Information
- '%WINDIR%\Temp\_ex-08.exe'
- '%WINDIR%\Temp\_ex-68.exe'
- '%WINDIR%\Temp\_ex-08.exe' (downloaded from the Internet)
- '%WINDIR%\Temp\_ex-68.exe' (downloaded from the Internet)
- %WINDIR%\Temp\_ex-08.exe
- %WINDIR%\Temp\_ex-68.exe
- 'na##gxu.in':80
- 'wi##xri.in':80
- http://na##gxu.in/notepad.exe
- http://wi##xri.in/rtce006.exe
- DNS ASK na##gxu.in
- DNS ASK wi##xri.in