Technical Information
- User Account Control (UAC)
- '%TEMP%\xloxgygtwg.exe' -
- <Current directory>\flghissxsufsjvciobpvqrsc.hce
- %TEMP%\flghissxsufsjvciobpvqrsc.hce
- <Current directory>\wc_drop.exe
- %TEMP%\xloxgygtwg.exe
- %WINDIR%\flghissxsufsjvciobpvqrsc.hce
- <SYSTEM32>\flghissxsufsjvciobpvqrsc.hce
- C:\worm_folder\worm.exe
- <LS_APPDATA>\flghissxsufsjvciobpvqrsc.hce
- %PROGRAM_FILES%\flghissxsufsjvciobpvqrsc.hce
- 'wh#####yip.everdot.org':80
- 'www.wh###smyip.ca':80
- 'www.wh###smyip.com':80
- 'www.my##ace.com':80
- 'www.wh###smyip.org':80
- 'wh#####yipaddress.com':80
- http://wh#####yip.everdot.org/
- http://www.wh###smyip.ca/
- http://www.wh###smyip.com/
- http://www.my##ace.com
- http://www.wh###smyip.org/
- http://wh#####yipaddress.com/
- DNS ASK wh#####yip.everdot.org
- DNS ASK www.wh###smyip.ca
- DNS ASK www.wh###smyip.com
- DNS ASK www.my##ace.com
- DNS ASK www.wh###smyip.org
- DNS ASK wh#####yipaddress.com