Technical Information
- '%TEMP%\temp2417494629.exe'
- '%TEMP%\temp1426636490.exe'
- '%TEMP%\temp2417494629.exe' (downloaded from the Internet)
- '%TEMP%\temp1426636490.exe' (downloaded from the Internet)
- %TEMP%\temp2417494629.exe
- %TEMP%\temp1426636490.exe
- '95.##.114.254':80
- '31.##0.140.199':80
- http://95.##.114.254/pod2/unbr001.exe
- http://31.##0.140.199/pod1/unbr001.exe