Technical Information
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'explorer.exe, %TEMP%\LjpBmOnmp\ZdkEHyGYo.exe'
- %WINDIR%\microsoft.net\framework\v4.0.30319\cvtres.exe
- %TEMP%\ljpbmonmp\zdkehygyo.exe
- '14#.#5.6.166':1337
- '23.##5.131.222':1338
- ClassName: 'Progman' WindowName: ''
- ClassName: 'Proxy Desktop' WindowName: ''
- ClassName: 'SystemTray_Main' WindowName: ''
- ClassName: 'Media Center Tray Applet' WindowName: ''
- ClassName: '' WindowName: 'View Available Networks'
- ClassName: 'BluetoothNotificationAreaIconWindowClass' WindowName: 'BluetoothNotificationAreaIconWindowClass'
- ClassName: 'BluetoothNotificationAreaIconWindowClass' WindowName: ''
- '%WINDIR%\syswow64\cmd.exe' /fsfs (with hidden window)
- '%WINDIR%\microsoft.net\framework\v4.0.30319\cvtres.exe' Client 23.105.131.222 1338 GeCtJcupS (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /fsfs
- '%WINDIR%\microsoft.net\framework\v4.0.30319\vbc.exe'
- '%WINDIR%\explorer.exe'
- '<SYSTEM32>\ctfmon.exe'
- '%WINDIR%\microsoft.net\framework\v4.0.30319\cvtres.exe' Client 23.105.131.222 1338 GeCtJcupS