Technical Information
- <SYSTEM32>\midimap.dll with <SYSTEM32>\midimap.dll
- <SYSTEM32>\wshtcpip.dll
- '%TEMP%\is-KFA2F.tmp\<File name>.tmp' /SL5="$30092,666092,56832,<Full path to file>"
- '<SYSTEM32>\taskkill.exe' /F /IM ProtectWeb.exe
- '%TEMP%\248d6.tmp'
- '%TEMP%\299d5.exe'
- %TEMP%\B1.zip
- %TEMP%\C1.zip
- %TEMP%\D1.zip
- %TEMP%\248d6.tmp
- %TEMP%\299d5.exe
- %TEMP%\A1.zip
- <SYSTEM32>\midimap.dll
- <SYSTEM32>\wshtcpip.dll
- from <SYSTEM32>\wshtcpip.dll to %TEMP%\uby3t
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''