Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Peer Workstation CNG Reporting' = '%APPDATA%\iccvzfbjoz\jxucjhxfj.exe'
- %APPDATA%\iccvzfbjoz\jxucjhxfj.exe
- %APPDATA%\iccvzfbjoz\ccvfokqdmils.exe
- %APPDATA%\iccvzfbjoz\jxucjhxfj.kchm
- %APPDATA%\iccvzfbjoz\jxucjhxfj.exe
- 'pa###dress.net':80
- http://pa###dress.net/index.php?em#####################################
- '%APPDATA%\iccvzfbjoz\jxucjhxfj.exe'
- '%APPDATA%\iccvzfbjoz\ccvfokqdmils.exe' "%APPDATA%\iccvzfbjoz\jxucjhxfj.exe"