Technical Information
- %WINDIR%\tasks\{62c40aa6-4406-467a-a5a5-dfdf1b559b7a}.job
- <SYSTEM32>\tasks\{62c40aa6-4406-467a-a5a5-dfdf1b559b7a}
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\] '1601' = '00000000'
- %WINDIR%\tmyloa.exe
- %WINDIR%\tasks\{62c40aa6-4406-467a-a5a5-dfdf1b559b7a}.job
- http://pl##van.com/1wave.php
- http://ne###ite.com/1wave.php
- http://ba##i.com/1wave.php
- DNS ASK de###ntart.com
- DNS ASK mi#i.jp
- DNS ASK pl##van.com
- DNS ASK ne###ite.com
- DNS ASK ba##i.com
- '%WINDIR%\tmyloa.exe'