Technical Information
- <SYSTEM32>\tasks\ndy4nja3nnu1nhu
- C:\users\public\<File name>.exe
- C:\users\public\fgkdhkt.zip
- C:\users\public\slmediacontrol\task.dat
- C:\users\public\slmediacontrol\idmmzcc3.xpi
- C:\users\public\slmediacontrol\7z.dll
- C:\users\public\slmediacontrol\timestamp.exe
- C:\users\public\slmediacontrol\7zorg.dll
- C:\users\public\slmediacontrol\timestamp.lnk
- C:\users\public\slmediacontrol\timestamp.dat
- 'pa###bin.com':443
- 'an####.servequake.com':2146
- DNS ASK pa###bin.com
- DNS ASK an####.servequake.com
- ClassName: 'WordPadClass' WindowName: ''
- 'C:\users\public\slmediacontrol\timestamp.exe' u C:\Users\Public\Mdfgfx.lzo -u- -up0q3x2z0!C:\Users\\Public\ddajDI.lzo * -r
- 'C:\users\public\slmediacontrol\timestamp.exe' u C:\Users\Public\Mdfgfx.lzo -u- -up0q3x2z0!C:\Users\\Public\ddajDI.lzo * -r' (with hidden window)