Technical Information
- %TEMP%\qwuetilgrcdqdg.js
- %TEMP%\hxfglfe_46604.exe
- %TEMP%\hxfglfe_6844.exe
- http://ha##mee.com/hIPTXx
- http://no#####likejones.com/hati3x
- http://kv####vaya-lampa.ru/fC9qZW
- http://pu####afacile.it/JvZ9cX
- http://am##sur.com/sJIEQB
- http://c-##r.at/QSa8sI
- http://qu#####anieriviste.com/WIKuLk
- http://kw##b.it/tNTjZ2
- http://fm##30.us/BznLrm
- http://li##roup.ru/vV9c7l
- http://mo##.org.mk/oiNWQ0
- http://mo##.org.mk/oiNWQ0/
- http://ri####ncoperu.org/B3AlqT
- http://no##sys.com/EwX0sO
- http://ro###arita.com/5NmH3b
- DNS ASK ha##mee.com
- DNS ASK ma####nkostyle.net
- DNS ASK ri####ncoperu.org
- DNS ASK mo##.org.mk
- DNS ASK li##roup.ru
- DNS ASK bi#####prservices.com
- DNS ASK fm##30.us
- DNS ASK sa###iumspb.ru
- DNS ASK oh###-o-d.info
- DNS ASK al###zatrio.com
- DNS ASK ca##le78.it
- DNS ASK kw##b.it
- DNS ASK no##sys.com
- DNS ASK qu#####anieriviste.com
- DNS ASK me##kino.ru
- DNS ASK c-##r.at
- DNS ASK kt###akis.com
- DNS ASK am##sur.com
- DNS ASK pu####afacile.it
- DNS ASK ro##mind.pl
- DNS ASK kv####vaya-lampa.ru
- DNS ASK ma###-ce.com
- DNS ASK pv###jekt.pl
- DNS ASK no#####likejones.com
- DNS ASK nw###izel.ru
- DNS ASK ar####qayler.com
- DNS ASK ro###arita.com
- '<SYSTEM32>\wscript.exe' %TEMP%\qWuetIlGrCdqDG.js