Technical Information
- '<Current directory>\new.<Virus name>.exe' (downloaded from the Internet)
- '<Current directory>\new.<Virus name>.exe' /u "<Virus name>.exe"
- <Current directory>\new.<Virus name>.exe
- 'ni####db.bget.ru':80
- 'wp#d':80
- http://ni####db.bget.ru/updaterWF.exe
- http://ni####db.bget.ru/ver.txt
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK ni####db.bget.ru
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: ''