Technical Information
- %TEMP%\broomsetup.exe
- %TEMP%\nsc91b6.tmp\inetc.dll
- %TEMP%\nsm91a5.tmp
- %TEMP%\nsm91a5.tmp
- %TEMP%\nsc91b6.tmp\inetc.dll
- 'ap#.#pify.org':80
- '91.#2.254.7':80
- '5.##.64.35':80
- 'ip###ger.com':443
- 'pk#.goog':80
- 'zo###larm.com':443
- 'kaspersky.com':443
- 'ma####ebytes.com':443
- http://ap#.#pify.org/?fo########
- http://91.#2.254.7/scripts/plus.php?ip##################################
- http://5.##.64.35/syncUpd.exe
- http://pk#.goog/gsr1/gsr1.crt
- 'ip###ger.com':443
- 'zo###larm.com':443
- 'kaspersky.com':443
- 'ma####ebytes.com':443
- DNS ASK ap#.#pify.org
- DNS ASK ip###ger.com
- DNS ASK pk#.goog
- DNS ASK zo###larm.com
- DNS ASK kaspersky.com
- DNS ASK ma####ebytes.com
- ClassName: 'msctls_updown32' WindowName: ''
- '%TEMP%\broomsetup.exe'