Technical Information
- %WINDIR%\syswow64\svchost.exe
- %TEMP%\7r9lnfmo1x.png
- %TEMP%\ajsdadasd.exe
- 'be####us.ns1.name':8084
- http://xm####rvices.com/C/GAEBCBA_FDEBDDCGAABFCACACBBCD_DDGBAGGAB_BECF_EGCBGDEGCG.txt
- http://xm####rvices.com/C/_ADBEAGGBBDE__BEGFCCFBFBCGABFAABGBDBGADGDBCFDFEGEBE_BDC.txt
- DNS ASK pa###bin.com
- DNS ASK xm####rvices.com
- DNS ASK be####us.ns1.name
- '%TEMP%\ajsdadasd.exe'
- '%WINDIR%\syswow64\svchost.exe'