Technical Information
- '%WINDIR%\Temp\_ex-08.exe'
- '%WINDIR%\Temp\_ex-68.exe'
- '%WINDIR%\Temp\_ex-08.exe' (downloaded from the Internet)
- '%WINDIR%\Temp\_ex-68.exe' (downloaded from the Internet)
- %WINDIR%\Temp\_ex-08.exe
- %WINDIR%\Temp\_ex-68.exe
- 'xu##tgu.eu':80
- 'uf##jur.eu':80
- http://xu##tgu.eu/jucheck.exe
- http://uf##jur.eu/prado02.exe
- DNS ASK xu##tgu.eu
- DNS ASK uf##jur.eu