Technical Information
- %TEMP%\jofonwot.js
- %TEMP%\79301.64855170247.exe
- 'ma#####.dolphin247.com':80
- 'pe######eandlimejelly.co.uk':80
- http://th####rmingtree.com/4tv1zU
- http://kl######uegel-shop.mawa.de/xjoQMz
- http://xc##.com/waEJFS
- http://at####icmmagear.com/kCPXL4
- http://pd###gical.com/9KXOlp
- http://in###itees.com/ZV3XUM
- http://al####qfashion.com/v5wXmS
- http://ko###gmem.net/bTt1eI
- DNS ASK th####rmingtree.com
- DNS ASK kl######uegel-shop.mawa.de
- DNS ASK lx####ing.com.sg
- DNS ASK xc##.com
- DNS ASK po###chi.com
- DNS ASK at####icmmagear.com
- DNS ASK yu####jewels.com
- DNS ASK pd###gical.com
- DNS ASK in###itees.com
- DNS ASK ay#####hediyelik.com
- DNS ASK al####qfashion.com
- DNS ASK ko###gmem.net
- DNS ASK mi###et.com.br
- DNS ASK ma#####.dolphin247.com
- DNS ASK pe######eandlimejelly.co.uk
- '<SYSTEM32>\wscript.exe' %TEMP%\joFONWOt.js