Technical Information
- %TEMP%\xbwgesy3bescvu
- %TEMP%\xbwgesy3bescvu.dll
- http://cm#.ro/uftzpd
- http://cl###fmalw.ws/0lq45
- http://ka#####hacht.addr.com/jjfzp
- http://www.fe##esur.es/d8tqk
- http://ka###it.szm.com/my0txxf
- DNS ASK cm#.ro
- DNS ASK cl###fmalw.ws
- DNS ASK ka#####hacht.addr.com
- DNS ASK fe##esur.es
- DNS ASK ka###it.szm.com
- '%WINDIR%\syswow64\rundll32.exe' %TEMP%\XBWGES~1.DLL,qwerty 323