Technical Information
- [HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN] 'WINDOWS' = 'C:\Users\Public\Downloads\O7pZeE.exe'
- C:\users\public\downloads\t3d.tmp
- C:\users\public\downloads\t4d.tmp
- C:\users\public\downloads\t5d.tmp
- C:\users\public\downloads\t6d.tmp
- C:\users\public\downloads\mtr.log
- C:\users\public\downloads\o7pzee.exe
- C:\users\public\downloads\libcef.dll
- C:\users\public\downloads\sqlite3.dll
- ClassName: 'Q360SafeMonClass' WindowName: ''
- ClassName: 'BkShadowWndClass' WindowName: ''
- 'C:\users\public\downloads\o7pzee.exe'