Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\bitcc16.tmp
- %WINDIR%\tasks\nltest.job
- <SYSTEM32>\tasks\nltest
- %WINDIR%\syswow64\cmd.exe
- %TEMP%\nsg6d53.tmp
- %APPDATA%\adobe\bitc2f1.tmp
- %TEMP%\spousaldelineator.dll
- %TEMP%\neighbour
- %APPDATA%\interviews\verwaltung\sendfriend\01-input-sources.xml
- %APPDATA%\interviews\verwaltung\sendfriend\contactleads.xml
- %APPDATA%\interviews\verwaltung\sendfriend\sbsmscorsec.dll
- %APPDATA%\interviews\verwaltung\sendfriend\vnd.lotus-wordpro.xml
- %APPDATA%\interviews\verwaltung\sendfriend\vcompd.dll
- %APPDATA%\interviews\verwaltung\sendfriend\msddsui.dll
- %APPDATA%\interviews\verwaltung\sendfriend\mount-point.xml
- %APPDATA%\interviews\verwaltung\sendfriend\x-dbf.xml
- %APPDATA%\vendor\microsoftvisualbasicvsa.xml
- %APPDATA%\vendor\fdl-appendix.xml
- %APPDATA%\vendor\microsoftvisualstudioui.dll
- %APPDATA%\vendor\13.opends60.dll
- %TEMP%\baa03501.lnk
- %APPDATA%\remcos\logs.dat
- %APPDATA%\adobe\bitc2f1.tmp
- %APPDATA%\microsoft\windows\start menu\programs\startup\bitcc16.tmp
- from %APPDATA%\adobe\bitc2f1.tmp to %APPDATA%\adobe\nltest.exe
- 'mu######a821.duckdns.org':1212
- DNS ASK mu######a821.duckdns.org
- '%WINDIR%\syswow64\rundll32.exe' SpousalDelineator,Bullhead
- '%WINDIR%\syswow64\cmd.exe'