Technical Information
- %TEMP%\gdngtjngmohdt.js
- %TEMP%\jftzqaq_74084.exe
- %TEMP%\jftzqaq_97271.exe
- %TEMP%\jftzqaq_75286.exe
- %TEMP%\jftzqaq_43950.exe
- %TEMP%\jftzqaq_19638.exe
- %TEMP%\jftzqaq_96009.exe
- http://me####esign.info/o12QeD
- http://mu###mdate.com/mlB3PW
- http://mo##.org.mk/oiNWQ0
- http://no#####likejones.com/hati3x
- http://fm##30.us/BznLrm
- http://no##sys.com/EwX0sO
- http://mc####eyhigh.org/lhAfaC
- http://am##sur.com/sJIEQB
- http://ma#####iproperties.com/pQIJGB
- http://ko###rkum.org/Lntxhy
- http://kt###akis.com/?la#####
- http://kt###akis.com/UHqig6
- http://bi#####prservices.com/4Xc6Fy
- http://ro###arita.com/5NmH3b
- http://ha##mee.com/hIPTXx
- http://kv####vaya-lampa.ru/fC9qZW
- http://po###loki.ru/nbTURt
- http://po###loki.ru/404
- DNS ASK me####esign.info
- DNS ASK mo##.org.mk
- DNS ASK no#####likejones.com
- DNS ASK fm##30.us
- DNS ASK af###ityee.com
- DNS ASK me##kino.ru
- DNS ASK no##sys.com
- DNS ASK mc####eyhigh.org
- DNS ASK je###mpiotr.pl
- DNS ASK am##sur.com
- DNS ASK ro##mind.pl
- DNS ASK be######bersindallas.com
- DNS ASK as####station.com
- DNS ASK sa###iumspb.ru
- DNS ASK re#####.motociclismo.es
- DNS ASK ma#####iproperties.com
- DNS ASK ko###rkum.org
- DNS ASK kt###akis.com
- DNS ASK bi#####prservices.com
- DNS ASK ro###arita.com
- DNS ASK ha##mee.com
- DNS ASK kv####vaya-lampa.ru
- DNS ASK mu###mdate.com
- DNS ASK po###loki.ru
- '<SYSTEM32>\wscript.exe' %TEMP%\gDNgtJNGMOhdT.js