Technical Information
- %TEMP%\lrewvpkdex.xffmtphwl
- %TEMP%\dwhzytapshpw.txt
- http://ad#.#ensa.at/api1/vi78ar7BctMrL9/tnFhml7yqhuinfbBXUasD/dLV_2BOjHnN0OS60/VmkKM1YhPv32uHh/WlThmXtw1kv2pIY74c/0iKBSCBpA/VxVOI266KOgS_2F6lCHb/ES8JaQDGcjSlv1poieD/6cYjnUCoBplM_2FJbAH631/TzGN_...
- http://no##.calag.at/api1/l9FYNIQeWpnj/eousBRdnTMK/wISaJnubCVNkkF/mTIvqhU_2FalcxtClE4VB/ThC3Zs4W3C4kmEHC/RbMcp7uo926d6_2/BSnReKtZpt4WgxpwGT/g3OX5nqdf/FldwAdXF4_2FJjqq1fgg/Qz7ogN6DJW2hoWrMGKk/xd...
- DNS ASK ad#.#ensa.at
- DNS ASK no##.calag.at
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '<SYSTEM32>\regsvr32.exe' -s %TEMP%\\dwhzYTApsHpw.txt