Technical Information
- %WINDIR%\microsoft.net\framework\v2.0.50727\csc.exe
- iexplore.exe
- ClassName: '', WindowName: 'Yahoo! Messenger'
- %TEMP%\sqlite3.dll
- http://or######kyle.fileave.com/Blackshades%203.6.exe
- DNS ASK or######kyle.fileave.com
- '%WINDIR%\microsoft.net\framework\v2.0.50727\csc.exe'
- '%ProgramFiles(x86)%\internet explorer\iexplore.exe' /scomma "%TEMP%\tmp.ini"
- '%WINDIR%\microsoft.net\framework\v2.0.50727\dw20.exe' -x -s 948