Technical Information
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '<Current directory>\cftedadlrojg.exe'
- '<Current directory>\cftedadlrojg.exe'
- <Current directory>\c1.dat
- <Current directory>\c2.dat
- <Current directory>\cftedadlrojg.exe
- <Current directory>\cpath.ini
- <Current directory>\cfteded.exe
- <Current directory>\c2.dat
- <Current directory>\cpath.ini
- <Current directory>\cftedadlrojg.exe
- <Current directory>\c1.dat
- 'i1.##etuku.com':80
- http://i1.##etuku.com/1b5753c01244aca3.png
- http://i1.##etuku.com/e349e2a37ac454b8.jpg
- DNS ASK i1.##etuku.com