Technical Information
- <Current directory>\engine.dll
- <Current directory>\d3dx9.dll
- <Current directory>\itzswmlcpkwgqawp.exe
- C:\rcxd14d.tmp
- C:\rcxd15e.tmp
- %HOMEPATH%\syaluhqwwvck\itzswmlcpkwgqawp.exe
- from C:\rcxd14d.tmp to <Current directory>\itzswmlcpkwgqawp.exe
- from C:\rcxd15e.tmp to <Current directory>\itzswmlcpkwgqawp.exe
- from <Current directory>\itzswmlcpkwgqawp.exe to %HOMEPATH%\syaluhqwwvck\itzswmlcpkwgqawp.exe
- from <Current directory>\engine.dll to %HOMEPATH%\syaluhqwwvck\engine.dll
- from <Current directory>\d3dx9.dll to %HOMEPATH%\syaluhqwwvck\d3dx9.dll
- http://my####supload.biz/get.php?id###########################
- http://te###ata.biz/get.php?id###########################
- DNS ASK my####supload.biz
- DNS ASK te###pload.us
- DNS ASK te###ata.biz
- '%HOMEPATH%\syaluhqwwvck\itzswmlcpkwgqawp.exe' "<Full path to file>" "AGbWZzghSSIP"
- '%HOMEPATH%\syaluhqwwvck\itzswmlcpkwgqawp.exe' "<Full path to file>" "AGbWZzghSSIP"' (with hidden window)