Technical Information
- <SYSTEM32>\tasks\nvngxupdatecheckdaily_{2a68f03e-f03e-f03e-f03e-2a68f03ef03e}
- %TEMP%\1105.tmp
- %APPDATA%\gsrfuwu
- %TEMP%\a765.exe
- %TEMP%\c7e1.exe
- %TEMP%\caa0.exe
- %TEMP%\cfb0.exe
- %APPDATA%\gsrfuwu
- http://37.##.127.236/2.php
- http://na###ouzina.net/
- DNS ASK na###ouzina.net
- DNS ASK ko##new.com
- '%TEMP%\a765.exe'
- '%TEMP%\c7e1.exe'
- '%TEMP%\caa0.exe'
- '%TEMP%\cfb0.exe'