Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'MPC-HC' = '%APPDATA%\uvbgfjwu\shuurvvr.exe'
- %WINDIR%\syswow64\svchost.exe
- %TEMP%\nsa375f.tmp
- %TEMP%\ch.gif
- %TEMP%\mod_csgo.png
- %TEMP%\thatshowiseethelineup
- %TEMP%\vampire weekend - vampire weeekend - 03 - a-punk.mp3
- %TEMP%\nsc6258.tmp\unquiet.dll
- %APPDATA%\uvbgfjwu\shuurvvr.exe
- %APPDATA%\uvbgfjwu\shuurvvr.exe
- %TEMP%\nsc6258.tmp\unquiet.dll
- '80.##2.123.155':80
- http://www.ms#.com/
- http://ja##.com/
- DNS ASK ms#.com
- DNS ASK ja##.com
- '%WINDIR%\syswow64\svchost.exe'