Technical Information
- '' (downloaded from the Internet)
- <SYSTEM32>\alg.exe
- NAVAPW32.EXE
- mpftray.exe
- ZONEALARM.EXE
- smc.exe
- MCAGENT.EXE
- AVP.EXE
- AVGCTRL.EXE
- AVP32.EXE
- AVPM.EXE
- AVPCC.EXE
- %TEMP%\ajdnjhfonmco.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\calc[1].exe
- %TEMP%\IEXPLORE.exe
- <Full path to file>
- '21#.#1.215.184':80
- http://21#.#1.215.184/logs/calc.exe
- ClassName: '' WindowName: 'Windows Security Alert'
- ClassName: '' WindowName: 'Create rule for IEXPLORE.EXE'
- ClassName: '' WindowName: 'Warning: Components Have Changed'
- ClassName: '' WindowName: 'Hidden Process Requests Network Access'
- '%TEMP%\ajdnjhfonmco.exe'
- '%TEMP%\IEXPLORE.exe' <Full path to file>