Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\yxYvxfKaMf.exe.LNK
- %HOMEPATH%\Start Menu\Programs\Startup\kFPJHmZcmI.exe.LNK
- %HOMEPATH%\Start Menu\Programs\Startup\LjCGyOsTEf.exe.LNK
- User Account Control (UAC)
- '%TEMP%\kSjVzGZQmT.exe' /nogui %TEMP%\NJRAfSoegi.txt
- '%TEMP%\kSjVzGZQmT.exe' (downloaded from the Internet)
- '<SYSTEM32>\cmd.exe' /c %TEMP%\kSjVzGZQmT.exe /nogui %TEMP%\NJRAfSoegi.txt
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\add-ons.ocx
- %TEMP%\yxYvxfKaMf.exe
- %TEMP%\NJRAfSoegi.txt
- %TEMP%\kSjVzGZQmT.exe
- <SYSTEM32>\add-ons.ocx
- %TEMP%\kFPJHmZcmI.exe
- %WINDIR%\LjCGyOsTEf.exe
- '19#.#95.193.51':80
- 'www.dr##box.com':443
- http://19#.#95.193.51/Daniel/Aviso/19-05/Flash.exe
- DNS ASK www.dr##box.com