Technical Information
- '[file path not preserved in this copy]' (downloaded from the Internet)
- '%APPDATA%\vbc.exe'
- %WINDIR%\explorer.exe
- %APPDATA%\vbc.exe
- %TEMP%\nsmfd05.tmp
- %TEMP%\nsmfd06.tmp\userinfo.dll
- %TEMP%\livechat\htmllangfilter80.xml
- %TEMP%\livechat\x-ustar.xml
- %TEMP%\livechat\c120.xml
- %APPDATA%\abstract\cmaccept.exe
- %APPDATA%\abstract\priberam.xml
- %APPDATA%\abstract\28.opends60.dll
- %APPDATA%\abstract\35.opends60.dll
- %APPDATA%\abstract\crtowordsde.dll
- %APPDATA%\abstract\cpconnectionc.dll
- %APPDATA%\abstract\x-doom-wad.xml
- %TEMP%\shehitah
- %TEMP%\slugfest.dll
- %TEMP%\nsmfd06.tmp\userinfo.dll
- http://au###lishoes.ga/~zadmin/mode/aps.exe
- DNS query (DNS ASK): au###lishoes.ga
- '%CommonProgramFiles%\microsoft shared\equation\eqnedt32.exe' -Embedding
- '%WINDIR%\syswow64\rundll32.exe' Slugfest,Bentley
- '%WINDIR%\syswow64\cmd.exe'
- '%WINDIR%\syswow64\colorcpl.exe'
- '%WINDIR%\syswow64\cmd.exe' del "%WINDIR%\SysWOW64\cmd.exe"