Technical Information
- %WINDIR%\syswow64\notepad.exe
- %TEMP%\f18b9066-32a3-4722-bb06-9097ce758751\agiledotnetrt64.dll
- 'go###acoil.com':80
- 'fr######ect.dvrlists.com':119
- 'ge###ugin.net':80
- http://go###acoil.com/macro/Encrypted%20Client%20OG.jpg
- http://ge###ugin.net/json.gp
- 'fr######ect.dvrlists.com':119
- DNS ASK google.com
- DNS ASK go###acoil.com
- DNS ASK fr######ect.dvrlists.com
- DNS ASK ge###ugin.net
- '%WINDIR%\syswow64\notepad.exe'