Technical Information
- '' (downloaded from the Internet)
- %TEMP%\is-RSRG0.tmp\<File name>.tmp
- %TEMP%\is-IJFE2.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-IJFE2.tmp\itdownload.dll
- %TEMP%\is-IJFE2.tmp\netstream.exe
- %TEMP%\is-IJFE2.tmp\SetupZippy.exe
- %TEMP%\is-IJFE2.tmp\itdownload.dll
- %TEMP%\is-IJFE2.tmp\netstream.exe
- %TEMP%\is-IJFE2.tmp\SetupZippy.exe
- %TEMP%\is-IJFE2.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-RSRG0.tmp\<File name>.tmp
- 'al####oudmedia.com':80
- http://al####oudmedia.com/tunnel/netstream.exe
- DNS ASK al####oudmedia.com
- '%TEMP%\is-RSRG0.tmp\<File name>.tmp' /SL5="$30092,516218,120320,<Full path to file>"
- '%TEMP%\is-IJFE2.tmp\netstream.exe' /pubid=9 /subid=9
- '%TEMP%\is-IJFE2.tmp\SetupZippy.exe' /VerySilent