Technical Information
- %TEMP%\etdqr.js
- %TEMP%\hxsiabe_14770.exe
- http://bi#####prservices.com/4Xc6Fy
- http://kw##b.it/tNTjZ2
- http://ma###-ce.com/n859VM
- http://pv###jekt.pl/oLlqvX
- http://pg####unitycab.com/FAlx1b
- http://no#####likejones.com/hati3x
- http://po###loki.ru/nbTURt
- http://po###loki.ru/404
- DNS ASK bi#####prservices.com
- DNS ASK kw##b.it
- DNS ASK ma###-ce.com
- DNS ASK as####station.com
- DNS ASK pv###jekt.pl
- DNS ASK pa###.heutagon.com
- DNS ASK pg####unitycab.com
- DNS ASK mi#######press-randburg.co.za
- DNS ASK re#####.motociclismo.es
- DNS ASK ar####qayler.com
- DNS ASK oh###-o-d.info
- DNS ASK no#####likejones.com
- DNS ASK po###loki.ru
- '<SYSTEM32>\wscript.exe' %TEMP%\etdQr.js