Technical Information
- %TEMP%\kzkomm.js
- %TEMP%\uioytuo_55592.exe
- %TEMP%\uioytuo_39668.exe
- %TEMP%\uioytuo_4131.exe
- http://bi#####prservices.com/4Xc6Fy
- http://me####esign.info/o12QeD
- http://no##sys.com/EwX0sO
- http://kv####vaya-lampa.ru/fC9qZW
- http://ki##off.ru/WNwvki
- http://li##ion.net/9cRXIl
- http://ri####ncoperu.org/B3AlqT
- http://mu###mdate.com/mlB3PW
- http://pg####unitycab.com/FAlx1b
- http://mo##.org.mk/oiNWQ0
- http://kw##b.it/tNTjZ2
- http://am##sur.com/sJIEQB
- http://re#####antjobs.co.uk/9cgwZ5
- http://re#####antjobs.co.uk/9cgwZ5/
- DNS ASK bi#####prservices.com
- DNS ASK am##sur.com
- DNS ASK kw##b.it
- DNS ASK mo##.org.mk
- DNS ASK be###basol.com
- DNS ASK pg####unitycab.com
- DNS ASK mu###mdate.com
- DNS ASK ri####ncoperu.org
- DNS ASK li##ion.net
- DNS ASK ki##off.ru
- DNS ASK ba###ashion.ru
- DNS ASK kv####vaya-lampa.ru
- DNS ASK be##v24.ru
- DNS ASK ro##mind.pl
- DNS ASK no##sys.com
- DNS ASK ma####nkostyle.net
- DNS ASK me####esign.info
- DNS ASK ba####nhatrang.xyz
- DNS ASK as####station.com
- DNS ASK re#####antjobs.co.uk
- '<SYSTEM32>\wscript.exe' %TEMP%\KzKOmm.js