Technical Information
- %WINDIR%\syswow64\bthudtask.exe
- C:\fjgfggfjf0.ini
- C:\fjgfggfjf0.ini
- from <Full path to file> to %TEMP%\hkba9glchahb25t\....\hkba9glchahb25t
- <Full path to file>
- 'lo###.nb00001.com':1714
- http://lo###.#FD3D.com:1714/CFESP/CFESP.txt?10#####
- http://lo###.#fd3d.com:1714/CFESP/CFESPpuppet.Txt?10##### via lo###.cfd3d.com
- DNS ASK lo###.cfd3d.com
- DNS ASK lo###.nb00001.com
- '%WINDIR%\syswow64\bthudtask.exe'