Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'winnit.exe' = 'C:\ProgramData\Adobe\Bin\winnit.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ExpIorer.exe' = 'C:\ProgramData\Adobe\Bin\ExpIorer.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'outlookmail.exe' = 'C:\ProgramData\Adobe\Bin\outlookmail.exe'
- C:\ProgramData\Adobe\Bin\winnit.exe
- C:\ProgramData\Adobe\Bin\ExpIorer.exe
- C:\ProgramData\Adobe\Bin\outlookmail.exe
- C:\ProgramData\Adobe\Bin\win.jpg
- C:\ProgramData\Adobe\Bin\winnit.exe
- C:\ProgramData\Adobe\Bin\ExpIorer.exe
- C:\ProgramData\Adobe\Bin\outlookmail.exe
- '37.##7.35.223':80
- 'bi#.ly':80
- http://37.##7.35.223/downloadjune/altie.mp3
- http://37.##7.35.223/downloadjune/rmt.mp3
- http://37.##7.35.223/downloadjune/ext.mp3
- http://bi#.ly/1kjulai
- DNS ASK bi#.ly