Technical Information
- %TEMP%\cjhojmplmopd.js
- http://bi###inrus.ru/IzAtbH
- http://ba#####valandirma.com/7MQ2AT
- http://ba##edia.pl/BEVwnx
- http://au####gunsammo.com/KnCOrh
- http://b2####daction.fr/8IB6TP
- http://au#####ictherapy.com/GpsCve
- http://az##s.com/BCxfzy
- http://bl####ollection.ca/6ydZse
- DNS ASK bi###inrus.ru
- DNS ASK ba#####valandirma.com
- DNS ASK ba##edia.pl
- DNS ASK au####gunsammo.com
- DNS ASK av#####nelcrafts.com
- DNS ASK av###.com.tr
- DNS ASK as###urid.net
- DNS ASK b2####daction.fr
- DNS ASK bl##.#izmohelp.com
- DNS ASK ax###overs.com
- DNS ASK au#####ictherapy.com
- DNS ASK az##s.com
- DNS ASK bl####ollection.ca
- DNS ASK be###y4you.cz
- '<SYSTEM32>\wscript.exe' %TEMP%\cJHOjMplMopD.js