Technical Information
- %TEMP%\pgbfobf7l6dekwi
- %TEMP%\pgbfobf7l6dekwi.dll
- 'cm#.ro':80
- http://www.of####dhandel.de/yv815pa
- http://am######armand.perso.sfr.fr/kzp5dx
- http://cl###fmalw.ws/0lq45
- http://an####rstandard.com/p8b9x
- DNS ASK of####dhandel.de
- DNS ASK am######armand.perso.sfr.fr
- DNS ASK cl###fmalw.ws
- DNS ASK an####rstandard.com
- DNS ASK cm#.ro
- '%WINDIR%\syswow64\rundll32.exe' %TEMP%\PGBFOB~1.DLL,qwerty 323