Technical Information
- '%WINDIR%\Temp\_ex-08.exe'
- '%WINDIR%\Temp\_ex-68.exe'
- '%WINDIR%\Temp\_ex-08.exe' (downloaded from the Internet)
- '%WINDIR%\Temp\_ex-68.exe' (downloaded from the Internet)
- %WINDIR%\Temp\_ex-08.exe
- %WINDIR%\Temp\_ex-68.exe
- 'ut###dvwj.ce.ms':80
- 'wo###srzu.ce.ms':80
- http://ut###dvwj.ce.ms/isuspm.exe
- http://wo###srzu.ce.ms/relig20.exe
- DNS ASK ut###dvwj.ce.ms
- DNS ASK wo###srzu.ce.ms