Technical Information
- '' (downloaded from the Internet)
- '%APPDATA%\princedan85671.exe'
- %WINDIR%\explorer.exe
- iexplore.exe
- iexplore.exe process, wininet.dll module
- firefox.exe process, nss3.dll module
- %APPDATA%\princedan85671.exe
- %TEMP%\princedan85671.exe
- %TEMP%\princedan85671.exe
- 'to##.xyz':80
- 'dr####ckerstore.com':80
- 'bl######ltbusinesses.com':80
- DNS ASK to##.xyz
- DNS ASK dr####ckerstore.com
- DNS ASK bl######ltbusinesses.com
- DNS ASK lo###bazaar.com
- '%TEMP%\princedan85671.exe' vgyjnbhui
- '%CommonProgramFiles%\microsoft shared\equation\eqnedt32.exe' -Embedding
- '%WINDIR%\syswow64\netstat.exe'
- '%WINDIR%\syswow64\cmd.exe' del "%TEMP%\princedan85671.exe"