Technical Information
- <Current directory>\rundll32.dll
- %APPDATA%\windefend.exe
- %TEMP%\user2.txt
- %TEMP%\user7
- %TEMP%\user8
- <Current directory>\rundll32.dll
- %TEMP%\user2.txt
- %TEMP%\user8
- %TEMP%\user7
- %TEMP%\user8
- %TEMP%\user7
- DNS ASK b0#.#o-ip.info
- '%APPDATA%\windefend.exe'