Technical Information
- %WINDIR%\explorer.exe
- %TEMP%\nsgdd83.tmp
- %TEMP%\dxga4je2t360fes9l
- %TEMP%\r6gd7ukzt14w3
- %TEMP%\nsldda3.tmp\tvtmjpux3wz.dll
- 'ca####vlasvegas.com':80
- 'xi####uwenhua.com':80
- 'cs###mos.com':80
- 'go##tv.com':80
- DNS ASK ca####vlasvegas.com
- DNS ASK xi####uwenhua.com
- DNS ASK cs###mos.com
- DNS ASK go##tv.com
- '%WINDIR%\syswow64\svchost.exe'
- '%WINDIR%\syswow64\cmstp.exe'
- '%WINDIR%\syswow64\cmd.exe' del "%WINDIR%\SysWOW64\svchost.exe"