Technical Information
- '' (downloaded from the Internet)
- %TEMP%\is-N9VRU.tmp\<File name>.tmp
- %TEMP%\is-KIR3J.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-KIR3J.tmp\itdownload.dll
- %TEMP%\is-KIR3J.tmp\jfk0021.exe.config
- %TEMP%\is-KIR3J.tmp\jfk0021.exe
- %TEMP%\is-KIR3J.tmp\itdownload.dll
- %TEMP%\is-KIR3J.tmp\jfk0021.exe
- %TEMP%\is-KIR3J.tmp\jfk0021.exe.config
- %TEMP%\is-KIR3J.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-N9VRU.tmp\<File name>.tmp
- 'ge###syfile.com':80
- http://ge###syfile.com/kL3CuYDWuF/Yx5cJur3eX/jfk0021.exe
- DNS ASK ge###syfile.com
- '%TEMP%\is-N9VRU.tmp\<File name>.tmp' /SL5="$50034,202722,119808,<Full path to file>"
- '%TEMP%\is-KIR3J.tmp\jfk0021.exe' /VS /CID=15150