Technical Information
- %TEMP%\oxgbjyxh
- %TEMP%\oxgbjyxh.dll
- 'cm#.ro':80
- http://ka#####hacht.addr.com/jjfzp
- http://ka###it.szm.com/my0txxf
- DNS ASK cm#.ro
- DNS ASK ka#####hacht.addr.com
- DNS ASK ka###it.szm.com
- '%WINDIR%\syswow64\rundll32.exe' %TEMP%\oxGBjYXH.dll,qwerty 323