Technical Information
- %WINDIR%\explorer.exe
- iexplore.exe
- firefox.exe process, nss3.dll module
- iexplore.exe process, wininet.dll module
- %TEMP%\gz06xhmm4cyz1g2pv8
- %TEMP%\naxi0fiapqwh2wyryw5z
- %TEMP%\nsrf2f6.tmp\he6ry75w.dll
- 'be#####fulblessings.com':80
- DNS ASK be#####fulblessings.com
- DNS ASK am#######rvice-app-account.com
- '%WINDIR%\syswow64\ipconfig.exe'
- '%WINDIR%\syswow64\cmd.exe' del "<Full path to file>"